IDG 

•  com 


Cisco  raises  rates  The  cost  of  maintaining 

older  Cisco  routers  is  going  up  this  week.  PAGE  1 3. 


Jail  time?  A  software  trade  group  exec  and  an  Internet  law 
expert  debate  whether  software  pirates  deserve  jail  time.  PAGE  29. 
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Itanium  2  is  ready 
...  but  are  buyers? 


■  BY  DENI  CONNOR 

SANTA  CLARA  —  Intel  next 
week  will  release  the  second  gen¬ 
eration  of  its  64-bit  Itanium  pro¬ 
cessor,  a  device  that  will  let  Intel- 
based  boxes  rival  the  perfor¬ 
mance  of  RISC-based  servers, 
some  experts  say 

Hewlett-Packard,  which  invent¬ 
ed  Itanium  with  Intel,  also  will 
unveil  two  servers  based  on  the 
upgrade:  a  two-processor  RX2600 
and  a  four-processor  RX5670. 

IBM  and  Dell  have  yet  to  an¬ 
nounce  release  dates  for  their 


Itanium  2  products. 

Opinions  from  analysts  and  cus¬ 
tomers  differ  widely  on  whether 
Itanium  2  will  increase  server 
sales  over  its  predecessor.The  first 
Itanium  processor,  released  last 
year,  has  been  used  primarily  for 
deployment  testing,  design  and 
analysis,  high-performance  tech¬ 
nical  computing, and  simulation 
applications. 

“We  expect  much  the  same 
market  for  Itanium  2  as  we’ve 
seen  for  Itanium,”  says  Andrew 
Butler,  a  vice  president  at  Gartner. 

See  Itanium,  page  48 
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Fluke  scores  big 

in  our  test  of 
handheld  network 
analyzers.  Fluke’s 
NetTool  Connect¬ 
ivity  Tester  and 
OneTouch  Series 
II  Network  Assist¬ 
ant  win  first  and  second  place  for 
their  ability  to  diagnose  basic 
network  ills. 
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WorldCom  users 
weighing  options 

Accounting  scandal  fans  fears  about  viability,  service  levels. 


IIThis  has  been 
a  vety  tough  week 
for  WorldCom.  No 
doubt  about  it  91 

John  Sidgmore, 

CEO,  WorldCom 


I  Ilfs  outrageous. 
We  will  fully  in¬ 
vestigate  and  hold 
people  account¬ 
able  for  mislead¬ 
ing  not  only  share¬ 
holders  but  also 
employees.  9  9 

President  George  Bush 


I  fcUntil  somebody 
goes  to  jail  I'm  not 
sure  these  people 
are  going  to  get 
the  message.  9  9 

Sen.  John  McCain, 
(R-Ariz.) 


Microsoft  needs  help 
for  security  plan  to  fly 


■  BY  MICHAEL  MARTIN  AND 
JENNIFER  MEARS 

WorldCom’s  $3.8  billion  ac¬ 
counting  shocker  left  customers 
reeling  last  week,  worrying  about 
what  the  resultant  layoffs  will 
mean  to  service  levels  and  ques¬ 
tioning  the  carrier’s  long-term 
viability 

National  Semiconductor,  which 
has  relied  on  the  No.  2  U.S.  long¬ 
distance  carrier  for  remote-ac¬ 
cess  services  for  the  past  three 
years,  is  considering  other 
suppliers. 

“We  are  definitely  giving  other 
suppliers  more  attention  now, and 
we  are  including  some  that  previ¬ 
ously  appeared  significantly  less 
financially  stable  than  World¬ 
Com,”  says  Ulrich  Seif,  National’s 
CIO.  “It’s  not  clear  yet  whether  we 
have  to  do  something  this  minute, 
or  even  whether  we  have  to  do 
anything.  We  need  more  informa¬ 
tion  about  the  ability  of  World¬ 
Com  to  pull  through,  even  in 
bankruptcy  But  we  are  preparing.” 

Putnam  Lovell,  a  WorldCom 
voice  and  data  customer  for 
three  years,  will  scrutinize  the 
level  of  service  it  gets. 

“The  risk  of  short-term  loss  in 
service  is  minimal,”  says  CTO 
Rodric  O’Connor. 

He  is  concerned  that  the 
rumored  17,000  job  cuts  World¬ 
Com  officially  announced  last 
week  could  hurt  the  carrier’s  cus¬ 
tomer  service. 

See  WorldCom,  page  11 


■  BY  JOHN  FONTANA 

Microsoft’s  latest  plan  to  secure 
desktop  systems  is  complex  and 
will  require  coordination  with 
hardware  and  software 
manufacturers  across 
the  industry. 

If  successful,  PCs  will 
come  with  certificates  stored  in 
hardware  that  will  control  user 
access  to  the  computer  and  vali¬ 


date  everything  sent  to  that  com¬ 
puter  from  executable  code  to 
documents.  It  will  let  users  safe 
guard  sensitive  data,  stop  spam 
and  viruses, and  ensure  only  ap¬ 
proved  software  runs 
on  the  machine. 

Microsoft  unveiled 
its  project  last  week  as 
Palladium,  software  that  works 
in  conjunction  with  specialized 
See  Palladium,  page  49 


■  Net  security  is 
where  the  money 
is.  See  page  8. 
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Storage  in  every  size  and  width. 


The  difference  between  winning  and  losing  is  a 
little  thing  called  “storage’.’  And  the  winning  play 
is  integrated  storage  solutions.  Why?  Hardware 
and  software  that  fit  and  work  together  speed 
implementation.  They  allow  you  to  maximize  your 
current  infrastructure  investments  and  help  reduce 
risk.  IBM  Total  Storage™  solutions  are  complete, 
cross-platform  storage  offerings  that  cover  storage 
networking,  disk,  tape,  software  and  services.  For 
example,  IBM  NAS  gives  you  amazingly  scalable 
data  storage  that  fits  into  just  about  any  LAN -fast. 
IBM  FAStT  offers  some  of  the  highest  performance, 
most  affordable  midrange  disk  storage  available 
today.  Are  you  bent  on  winning?  You  can  test-drive 
any  IBM  storage  solution  at  one  of  over  140  IBM 
TotalStorage  Solution  Centers.  Find  out  where,  at 
ibm.com/totalstorage/solutions 


Full-tilt  scalability.  Massive  horsepower. 


Meet  the  BayStack  470-48T  Switch. 

Looking  to  jump-start  your  network  through  the  wiring  closet?  Nortel  Networks™  has  the  machine  for  you.  With  its 
impeccable  scalability,  the  BayStack™  470-48T  Switch  can  be  stacked  (a  total  of  eight)  to  achieve  up  to  384 10/100  ports 
for  high-density  desktop  switching.  And  if  it’s  muscle  under  the  hood  you’re  after,  the  BayStack  470  comes  standard 
with  two  GBIC  ports  for  dedicated  uplink  connectivity  to  network  core  switches  or  in  a  full  stack  with  up  to  16  GBIC 
ports  available  for  uplink  capability.  The  resilient  stacking  design  and  fault-tolerant  connections  to  mission-critical 
servers  or  core  switches  assure  continuous  network  operation  with  minimal  downtime.  You'll  even  save  money  since 
its  innovative  built-in  stacking  design  eliminates  the  need  to  purchase  stacking  accessories  and  frees  up  uplink  ports 
for  double  the  throughput  to  the  network  center.  Plus,  BayStack's  comprehensive  QoS  implementation  ensures 
network  availability  for  the  most  bandwidth-intensive  or  delay-intolerant  applications.  Enhanced  security  features 
even  offer  protection  against  unauthorized  access.  Bottom  line  -  it’s  loaded  with  extras  for  premium,  cost-effective 
network  performance  on  all  points.  To  learn  more,  visit  www.norte1networks.com/baystack470-48t. 
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■  8  Security  pros  being  rewarded,  survey  says. 

■  8  Network  World  Fusion  makeover  designed  to  boost  research 

capabilities. 

■  8  Hewlett-Packard  stays  on  service  management  track. 

■  10  IBM  revives  directory  focus  by  acquiring  metadirectory  firm. 

■  10  Retail  CIOs  talk  shop. 

■  11  Tests  reveal  IDS  strengths,  weaknesses. 


Infrastructure 

■  13  Cisco  raises  maintenance 
fees. 

■  13  Hewlett-Packard,  partners 
join  to  install  wireless  LANs. 

■  14  Zambeel  launches  massive 
network-attached  storage  server. 

■  14  Dave  Kearns:  A  little 
help  from  a  friend. 
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Applications 

■  17  DNS  risks  lurk  in  corporate 
networks. 

■  17  Lotus  adds  antispam  fea¬ 
tures  to  Domino  6. 

■  18  Curl  software  builds  'rich 
clients.' 

■  18  Scott  Bradner:  The 

final  (for  some)  report. 
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Navigating  the  compensation 
quagmire. 

Service  Providers 

■  21  Digex  to  leverage  link  to 
WorldCom. 

■  21  Verizon  branches  out  with  IP 
Centrex  offering. 

■  22  Carriers  unite  to  keep 
KPNQwest  network  alive. 

■  22  Johna  Till  Johnson: 
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move  to  nets. 
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increase  sixfold. 
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Opinions 

■  30  Editorial:  The  last  tele¬ 
com  cowboy. 

■  31  Henry  Fiallo:  Making 
sure  ROI  is  realized. 

■  31  James  Kobielus:  Still  no 
universal  workflow. 
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for. 

■  50  ’Net  Buzz:  Hands-free 
communications  device  looks  awfully 
handy. 
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■  37  Pressure-cooker  certifica¬ 
tion:  Two  IT  executives  detail 
how  they  got  their  staffs  trained 
quickly. 
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Face-Off:  Do  software  pirates  deserve  jail  time?  Two  indus¬ 
try  leaders  debate  whether  the  punishment  fits  the  crime. 

Page  29. 


Keith  Kupferschmid 
says  jail  time  is  the 
best  deterrent  for 
software  pirates ... 


...  while  Jennifer 
Granick  says  it  will 
instead  hurt  techno¬ 
logical  evolution. 


It’s  no  fluke.  Oh,  it  is  Fluke:  NetTool  Connectivity  Tester  from 
Fluke  Corp.  wins  our  test  of  handheld  network  analyzers.  Page  33. 
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,  Interactive 

Forum:  The  new  Fusion 

Log  on  to  www.nwfusion.com  and  check  out  our  new  look.  Our  new 
design  gives  you  a  new,  and  we  hope  easier,  way  to  navigate  the  site  top¬ 
ics.  We  tried  to  figure  out  the  key  areas  of  most  interest  to  network 
pros  and  create  home  pages  for  those  topics  that  will  quickly  link  you  to 
all  the  relevant  resources  we  have.  Let  us  know  what  you  think. 
DocFinder:  1041 

Forum:  WorldCom’s  woes 

the  company  is  nearly  $4  billion  off  in  its  bookkeeping,  is  mired  in  scan¬ 
dal  and  appears  headed  for  bankruptcy.  What  do  you  think  the  future 
holds  for  the  carrier,  and  how  does  it  affect  you? 

DocFinder:  1042 

More  with  Less 

Learn  how  to  get  the  most  out  of  your  equipment,  staff,  contracts,  bud¬ 
gets  and  more. 

DocFinder:  1054 

Seminars  and  Events 

VoIP  training  comes  to  you! 

Looking  for  a  cost-effective  way  to  train  your  team?  frying  to  widen  your 
department's  skill  set  on  a  shrinking  budget?  With  equipment  provided  by 
Avaya,  NetSmart’s  on-site  voice-over-IP  training  is  the  perfect  way  to 
educate  your  staff  without  leaving  the  office.  DocFinder:  9945 
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Columnists 

Compendium 

An  XML  programming  language 
Fusion  Executive  Editor  Adam  Gaff  in  introduces  you  to  x++, 
which  claims  to  be  the  world's  first  general-purpose  pro¬ 
gramming  language  based  on  XML  Version  1.0. 

DocFinder:  1044 

Help  Desk 

Joining  Ethernet  and  token  ring 

Columnist  Ron  Nutter  helps  a  reader  who  wants  to  link 

Ethernet  and  token  ring  LANs. 

DocFinder:  1045 

Home  Base 

Where  the  telework  jobs  are 

Columnist  Jeff  Zbar  details  a  new  book  that  offers  tips,  dis¬ 
pels  myths  and  helps  you  weed  out  scams. 

DocFinder:  1046 

View  from  The  Edge 

Ciena/ONI  deal  done 

The  Edge  Managing  Editor  Jim  Duffy  notes  that  jobs  for  335 
employees  also  are  done  as  the  combined  company  pares 
costs  in  light  of  downcast  third  quarter. 

DocFinder:  1047 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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denies  any  wrongdoing  and  filed  a  lawsuit  of  its  own.  saying  Akamai  has  been  spreading 
false  information  about  the  company  Akamai  has  patent  infringement  claims  pending 
against  Speedera  and  Digital  Island,  which  Cable  &  Wireless  now  owns. 

Lawmakers  target  peer-to-peer  piracy 

■  U.S.  Rep.  Howard  L.  Berman  (D-Calif.)  last  week  said  he  is  taking  aim  at  the  “unbridled" 
piracy  taking  place  over  decentralized  peer-to-peer  file  sharing  networks,  by  introducing 
legislation  that  would  let  copyright  holders  employ  a  variety  of  technological  tools  to  pre¬ 
vent  illegal  trading.  Berman  previewed  the  legislation  while  speaking  to  the  Computer  and 
Communications  Industry  Association,  saying  copyright  holders  have  a  disadvantage 
against  peer-to-peer  pirates  under  existing  legislation. “While  [peer-to-peer]  technology  is 
free  to  innovate  new  and  more  efficient  methods  of  distribution  that  further  exacerbate 


■  Th-  Good  Bad  Ugly 


One  happy  family.  Just  two  months  after  creating  a  specification  to  address  security  for 
Web  services,  IBM,  Microsoft  and  VeriSign  last  week  submitted  it  to  a  standards  body  and  gained  the 
support  of  a  noted  rival  —  Sun.  The  WS-Security  specification,  developed  by  the  trio,  has  been  accepted 
for  review  by  the  Organization  for  the  Advancement  of  Structured  Information  Standards.  The  inclusion 
of  Sun  should  help  streamline  the  ongoing  work  on  Web  services  security. 

Outsource  and  run.  Roger  Cox,  vice  president  of  strategic  outsourcing  for  Europe, 
Middle  East  and  Africa  at  Gartner,  says  tough  financial  times  are  resulting  in  corporate  IT  shops 
making  really  bad  decisions  when  it  comes  to  outsourcing:  "People  are  signing  things  because  they 
know  they  won’t  be  around  to  deal  with  the 
consequences,  that  they’ll  have  moved  on." 

Stop  bugging  me 

Software  bugs  are  costing  the 
U.S.  economy  roughly  $59.5  bib 
per  year,  with  64%  of  the  cos 
borne  by  end  users  and  the 
remainder  by  developers  and  vendors, 
according  to  a  new  study 
commissioned  by  the  National 
Institute  of  Standards 
and  Technology.  > 


ICANN  adopts  reform  blueprint 

■  The  board  of  directors  of  the  Internet  Corporation  for 
Assigned  Names  and  Numbers  voted  17-0  Friday  to 
adopt  a  controversial  plan  for  overhauling  the  nonprof¬ 
it  organization,  which  oversees  the  Internets  DNS.  The 
reform  blueprint  outlines  a  process  to  speed  up  ICANN’s 
policy  setting.The  most  controversial  aspect  is  the  elim¬ 
ination  of  at-large  elections  for  some  ICANN  board 
seats,  which  previously  were  voted  for  by  Internet  users. 

Instead,  ICANN  will  establish  a  nominating  committee 
with  representatives  from  its  constituency  groups  to 
select  these  six  board  members.  The  majority  of  board 
members  will  continue  to  be  appointed  by  ICANNs 
supporting  organizations  for  generic  top-level  domains, 
countiy  code  top-level  domains  and  IP  addressing. The 
proposal  also  addresses  ICANNs  inability  to  adequately 
fund  its  operations  by  levying  a  25-cent-per-name  fee  on 
ICANN-accredited  registrars  and  registries.The  plan  can 
be  read  at  www.nwfusion.com,  DocFinder:  1053. 

Wyly  again  takes  aim  at  GA  directors 

■  Computer  Associates  once  again  will  have  to  endure  a  proxy  fight 
prompted  by  Dallas  investor  Sam  Wyly  and  his  company  Ranger  Govern¬ 
ance.  Ranger  said  last  week  that  it  would  nominate  five  candidates  to 
potentially  replace  directors  currently  sitting  on  the  board  at  CA.Topping  the  list  of  direc¬ 
tors  Wyly  wants  to  replace  are  CA  Chairman  Charles  Wang  and  CEO  Sanjay  Kumar.  Ranger 
cited  falling  stock  prices  and  declining  revenue  as  reasons  to  oust  the  current  manage¬ 
ment.  In  a  statement,  CA  said  it  will  counter  Wyly’s  third  attempt  to  take  the  board  down 
with  a  proxy  statement  of  its  own,  calling  the  latest  challenge  “an  unwanted  distraction.” 

Akamai  accuses  Speedera  of  trade  theft 

■  'Hie  battle  between  content  delivery  companies  Akamai  Technologies  and  Speedera 
Networks  has  escalated  with  claims  of  trade  secret  theft,  unfair  competition  and  even  an 
FBI  investigation.  Akamai  last  week  filed  suit  against  Speedera, saying  that  Speedera  CTO 
Richard  Day,  over  the  course  of  several  months,  broke  into  a  protected  database  main¬ 
tained  by  Keynote  Systems  to  gain  access  to  competitive  performance  information  about 
Akamai. The  lawsuit  came  just  days  after  the  FBI  searched  Day’s  offices  in  response  to  an 
affidavit  that  Speedera  Vice  President  Gordon  Smith  said  was  filed  by  Akamai.  Speedera 

COMPENDIUM 

Chalk-wielding  wireless  geeks 

ir i  the  day,  hobos  used  to  leave  pictographic  signs  alerting  other  hobos 
h  things  as  the  presence  of  police,  free  food,  etc.  Warchalk  is  an  effort 
cate  this  for  the  wireless  age.  The  idea  is  that  the  sort  of  people  who 
around  cities  looking  for  wireless  LANs  to  connect  to  will  leave  chalk 
mart.  for  others  to  let  them  know  they've  just  stumbled  across  a  usable 
wireie  ‘;-cess  point  See  more  daily  stuff  you  gotta  see  in 
Comp<  tdiun  at:  www.nwfusion.com,  DocFinder:  1040. 


the  piracy  problem,  copyright  owners  are  not  equally  free  to  craft  technological  respons¬ 
es,”  Berman  said.  While  the  congressman  said  he  believes  in  the  potential  of  peer-to-peer 
networks,  he  also  thinks  most  users  engage  in  piracy,  downloading  “billions”  of  copyright- 
protected  works  each  month.  Berman  proposes  copyright  holders  be  allowed  to  employ 
"technological  self-help  measures” such  as  fileblocking  and  decoys  to  stop  illegal  trading. 

Flaws  flagged  in  OpenSSH 

■  A  pair  of  security  vulnerabilities  in  a  suite  of  tools  used  to  send  encrypted  traffic  to 
servers  could  let  attackers  run  code  on  affected  servers  or  cause  denial-of-service  attacks. 
The  flaws  exist  in  OpenSSH,  which  replaces  programs  such  as  Telnet  and  FTP  with  secure 
versions,  granting  users  an  encrypted  means  of  communicating  with  servers.The  vulner¬ 
abilities  affect  OpenSSH  Versions  2.3.1  pi  through  3.3, according  to  an  advisory  from  CERT 
Coordination  Center.The  flaws  are  in  two  types  of  authentication  modules. An  affected  ver¬ 
sion  of  the  software  ships  with  the  OpenBSD  operating  system.  Users  also  might  have 
downloaded  and  installed  affected  versions  for  other  platforms.  Users  should  upgrade  to 
OpenSSH  3.4  or  apply  the  patch  available  at  www.nwfusion.com,  DocFinder:  1055. 

No  surprises  in  study  of  job  'growth' 

■  Not  that  more  proof  is  needed,  but  an  industry  trade  group  released  a  report  last  week 
that  reveals  a  sharp  decline  in  job  growth  in  the  U.S.  high-tech  industry  during  2001. The 
AeA  (formerly  the  American  Electronics  Association)  released  its  annual  Cyberstates 
report  on  the  U.S.  high-tech  industry:  It  said  companies  in  the  high-tech  sector  added 
80,000  technology  jobs  in  2001, compared  with  440,000  new  jobs  in  2000.  It  was  the  small¬ 
est  rate  of  job  growth  in  the  U.S.  high-tech  sector  since  the  Cyberstates  report  was  initiat¬ 
ed  six  years  ago. Twenty  states  saw  a  decline  in  industry  employment,  the  AeA  reported. 


in  a  world  of  “security  solutions”  ? 


SSH  Secure  Shell.  Essential. 

Poor  Packet.  It's  easy  to  get  lost  in  a  quagmire  of  complex  security  offerings.  Sometimes,  you  just  want  something  simple  —  that  works.  Like  SSH 
Secure  Shell.  We  invented  it.  It's  the  worldwide  de  facto  standard  —  essential  for  secure  remote  access,  with  millions  of  users  worldwide.  SSH 
offers  Secure  Shell  in  a  robust,  fully-supported  commercial  grade  release  that's  perfect  for  any  enterprise.  Once  launched,  it  provides  transparent, 
strong  authentication  —  encrypting  passwords  and  securing  communications  over  any  IP-based  connection. 

So  to  find  your  way  home,  come  visit  us  at  www.ssh.com. 


Tel  I650J  251  2700  •  Fax  1&50J  251  2701  •  ’076  East 


2002  SSH  Communications  Security  Corp.  All  rights  reserved.  ssh‘  is  a  registered  trademark  of  SSH  Communications 
Security  Corp  in  the  United  States  and  in  certain  other  jurisdictions.  SSH2,  the  SSH  logo,  1PSEC  Express,  SSH  Certifier,  SSH 
QuickSec,  SSH  Sentinel,  Makfng  the  Internet  Secure  and  Packet  the  Oog  are  trademarks  of  SSH  Communications  Security 
Corp  and  my  be  registered  in  certain  jurisdictions.  All  other  names  and  marks  are  property  of  their  respective  owners. 
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HP  bolsters 
service 
mgmt. 
position 

■  BY  DENISE  DUBIE 

SEATTLE  —  Automating  the 
process  of  tracking  application 
operations  and  IT  services  across 
networks  could  be  the  key  to 
helping  customers  improve  per¬ 
formance  while  still  controlling 
costs,  and  Hewlett-Packard  has 
just  the  platform  for  the  job: 
OpenView. 

That  was  the  central  theme  last 
week  at  the  company’s  Software 
Forum.  About  1,700  attendees 
heard  HP  executives  reinforce 
the  concept  of  service-driven 
management,  or  managing  net¬ 
work  elements  together  based 
on  the  application  and  service 
they  support  rather  than  on  a 
piecemeal  basis. 

“The  silver  bullet  in  IT  today  is 
service  management.lt  will  help 
IT  departments  do  a  better  job 
and  do  it  for  less  monejf  said 
Patty  Azzarello,  vice  president 
and  general  manager  of  the 
OpenView  Software  Business 
Unit  at  HP 

No  longer  is  it  OK  to  manage 
service  levels  by  pooling  data 
from  disparate  sources  and  ana¬ 
lyzing  performance  after  the  fact, 
Azzarello  says.  Now  IT  organiza¬ 
tions  must  collect  data  across 
databases,  systems,  networks  and 
applications,  correlate  that  data 
in  real  time  and  understand  what 
the  performance  means  to  the 
company’s  line  of  business.  Bas¬ 
ically, are  service  levels  being  met 
now? 

John  Saville,CIO  at  Jaguar  Rac¬ 
ing  in  England,  a  player  in  For¬ 
mula  1  racing  competitions,  says 
he  chose  OpenView  to  help  him 
manage  service  levels  and  main¬ 
tain  constant  contact  across  sev¬ 
eral  locations.  He  needs  software 
that  lets  him  “see  the  whole  glob¬ 
al  network  from  one  place.” 

Jaguar  Racing  uses  Network 
Node  Manager,  OpenView  Oper¬ 
ations  and  OpenView  Internet 
Services  in  conjunction  to  track 
network  performance  across 
LANs  and  WANs. 

Jaguar  Racing  builds  new  cars 
to  participate  in  F-l  races  just 
about  every  week.  The  company 
uses  OpenView  to  manage  the 
network  between  the  factory'  and 
Jaguar  Racing’s  IT  staff  at  the 
See  Hewlett  Packard,  page  49 


Security  pros  being  rewarded 


Good  work,  if  you  can  get  it 

The  average  compensation  paid  to  IT  security  employees 
rose  9%  from  last  year,  according  to  a  Foote  Partners 
survey  of  29,600  IT  employees. 

8  Job  title 

Average  compensation! 

Security  director 

$153,774 

Security  manager 

$120,749 

Web  security  manager 

$107,448 

Data  warehousing  security  manager 

$101,851 

Senior  security  analyst 

$97,062 

Systems  administrator 

$76,461 

SOURCE  WWW.FOOTEPARTNERS.COM 
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■  BY  ELLEN  MESSMER 

Although  these  are  hard  times 
for  many  in  the  IT  industry,  the  sta¬ 
tus  of  information  security  profes¬ 
sionals  is  on  the  rise  —  at  least 
based  on  how  much  they’re  get¬ 
ting  paid. 

A  survey  conducted  by  market 
researchers  Foote  Partners  of 
29,600  IT  workers  in  dozens  of 
occupations  —  from  data  ware¬ 
housing  to  e-commerce  —  shows 
that  those  with  security-related 
jobs  received  a  9%  pay  hike,  on 
average,  from  last  year.  No  other 
category  saw  an  increase,  the  sur¬ 
vey  of  1,840  corporate  and  gov¬ 
ernment  organizations  found. 

In  a  separate  survey  Foote  Part¬ 
ners  found  that  security  profes¬ 
sionals  with  certifications  from 
outfits  such  as  the  SANS  Institute 
and  the  International  Informa¬ 
tion  Systems  Security  Certifica¬ 
tion  Consortium  are  being  paid 
particularly  well  —  as  much  as 


12%  more  than  those  without 
such  certifications. 

One  Foote  Partners’  challenge 
in  conducting  its  surveys  was 
determining  which  employees 
have  security-related  jobs,  be¬ 
cause  there  is  considerable  cross¬ 
over  between  security  and  other 
jobs.  “Titles  can  be  a  problem,” 


says  David  Foote,  Foote  Partners 
president. 

At  Sony  Pictures  Entertainment, 
for  instance,  two  Windows  NT  en¬ 
gineers  are  part  of  a  “tiger  team” 
for  security  and  incident  re¬ 
sponse,  says  Jeff  Uslan,  director  of 
information  protection  and  secu¬ 
rity  Such  cross  pollination  is  de¬ 


NW  Fusion  makeover  designed 
to  boost  research  capabilities 


■  BY  ADAM  GAFFIN 

SOUTHBOROUGH,  MASS.  —  Network  World 
Fusion  (www.nwfusion.com),  the  award-winning 
Web  edition  of  Network  World,  today  relaunches 
with  a  new  emphasis  on  key  network  topics. 


The  Web  site  now  features  more  than  60  index 
pages  on  specific  technologies  and  issues,  from  ap¬ 
plication  development  to  WAN  services. 

On  each  index  page,  you’ll  find  topic-specific 
breaking  news,  opinion  and  analysis  from  Network 
World,  Network  World  Fusion  and  the  IDG  News 
Service.  Plus,  each  page  has  its 
own  search  box,  letting  you 
quickly  find  just  the  story  or 
resource  you  need. 

Many  pages  also  have  links  to 
in-depth  resource  pages  that 
will  quickly  gather  additional 
information  from  around  the 
Web. 

You  can  use  a  more  traditional 
toolbar  to  link  to  such  areas  as 
news,  products  and  services, 
and  opinions,  and  to  three 
broad  coverage  areas  —  corpo¬ 
rate  networks,  service  provider 
networks  and  remote  network¬ 
ing.  A  revamped  site  search 
engine  lets  users  conduct  broad 
searches  across  the  entire  site  or 
narrow  the  search  by  key  areas 
and  topics. 

With  the  redesign,  Network 
World  Fusion  also  introduces  a 
range  of  topic-specific,  XML- 
based  Rich  Site  Summary  feeds 
that  let  you  easily  integrate  our 
headlines  with  your  intranet  or 
Web  sites.  ■ 


Network  World’s  redesigned  site  gives  you  several  ways 
to  zero  in  on  just  the  information  you  need. 

Enhanced  search  In-depth  breaking  New  topic-based 
engine  lets  you  news  and  analysis  navigation  to  get 

find  specific  from  Network  World,  you  to  key  net- 

resources  quickly. 


a. 


work  topics. 


CORPORATE  NETWUH  S  ■  REMOTE  NEIWOIUUNG 


■  SERVICE  PROVIDER  NEI  WORKS 
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sirable,  especially  because  Uslan 
has  fewer  than  10  people  on  his 
staff  to  deal  with  IT  security 

For  purposes  of  its  survey,  Foote 
Partners  put  security  director  at 
the  top  rung  of  the  security  job 
ladder,  with  security  directors 
earning  an  average  of  $124,513 
compared  with  $1 16,226  last  year. 
Bonuses  are  rising  from  $25,570 
last  year  to  $29,261  this  year. 

The  security  director’s  primary 
responsibility  is  to  devise  security 
policies  for  user-account  man¬ 
agement,  network  access,  inci¬ 
dent  response  and  emergency 
backup,  and  then  get  those  poli¬ 
cies  put  into  action. 

“We  also  have  normalized  au¬ 
dits,  such  as  performing  network 
penetration,  to  test  for  security 
vulnerabilities,”  says  Matt  Archi¬ 
bald, director  of  security  services 
at  handheld  maker  Palm,  who 
has  a  staff  of  four  security  spe¬ 
cialists.  “But  you  may  turn  fire¬ 
wall  management  over  to  the 
network  guys,  expecting  them  to 
build  the  firewall  based  on  your 
specifications.” 

The  next  rung  down  on  the 
security  job  ladder,  according 
to  Foote  Partners,  is  the  security 
manager,  whose  pay  has  in¬ 
creased  to  $107,812,  from 
$103,257  last  year.  But  the  bon¬ 
us  package  dipped  to  $12,937 
from  $17,554  last  year. 

The  main  difference  between  a 
security  manager  and  director, 
Foote  Partners  says,  is  years  of 
experience.  A  manager  has  seven 
or  more  years  of  experience  in  IT 
with  four  to  five  years  in  security, 
whereas  a  director  has  10  years 
or  more  in  IT  and  six  to  seven 
years  in  data  security 

Foote  Partners  didn’t  include 
the  title  “chief  security  officerf 
which  was  lumped  in  with  other 
“executives.” 

In  a  separate  survey  of  1,214 
security  administration  profes¬ 
sionals,  the  SANS  Institute  also 
paints  a  bright  picture  for  security 
professionals. 

The  2002  SANS  Security  and 
System/Network  Administration 
Salary  Survey  shows  that  salaries 
over  the  past  year  have  risen  7% 
for  security-related  jobs,  with  an 
average  14.5%  increase  in  bon¬ 
uses.  The  average  salary  paid  to 
all  security  and  systems  staff  who 
participated  in  the  survey  is 
$69,340,  with  those  in  Asia  faring 
slightly  better  than  those  in  the 
U.S. Those  in  the  U  K.  and  Western 
Europe  fared  worst  ■ 


And  now,  a  few  words 
about  data  back  up: 


For  the  tech  crowd: 

BrightStor™  Storage  Software 

More.  More.  And  now.  These  are  the  words  most  frequently 
associated  with  storage  needs.  The  explosion  in  web  activity, 
the  perpetually  increasing  number  of  applications  coming 
out  that  require  larger  databases  and  the  spiraling  complexity 
of  enterprise  storage  solutions  has  increased  the  demand  for 
immediate  solutions  to  growing  storage  problems. 

That's  why  there's  BrightStor  from  Computer  Associates  (CA). 
The  most  comprehensive  family  of  storage  solutions  on  the 
market,  BrightStor  solutions  are  completely  and  totally  open. 
Which  means  that  unlike  most  vendors,  who  are  focused 
solely  on  their  individual  solutions,  BrightStor  brings  multi¬ 
vendor  systems  and  the  environment  together  seamlessly. 

What  does  this  mean  for  you?  It  means  optimization  of 
resources  across  all  platforms  and  storage  types.  It  means  a 
greater  understanding  of  your  storage  resources  and  how  to 
best  allocate  them  to  fit  your  needs.  And  it  means  a  lower 
total  cost  of  ownership. 

Specifically,  BrightStor  provides  you  with  unparalleled  data 
protection,  real-time  data  availability,  and  the  ability  to  view, 
manage,  and  monitor  your  resources  from  a  central  location. 
And  BrightStor  is  the  only  software  of  its  kind  that 
incorporates  CA's  portal  technology  — the  leading  portal 
solution  on  the  market. 

Why  rely  on  Computer  Associates?  Because  we're  a 
completely  independent  software  company  with  over 
25  years  of  experience.  That's  how  we  got  to  be  the 
software  management  experts.  And  that's  why  99%  of 
the  Fortune  500®  rely  on  our  software. 

We  know  that  storage  is  no  longer  just  backing  up  what  you 
already  have.  It's  facilitating  integration  with  every  aspect  of 
your  entire  eBusiness.  It's  leveraging  all  of  your  existing 
capabilities  to  maximize  your  resources  enterprise-wide.  And, 
most  important,  it's  using  what  you  have  to  find  future 
opportunities  and  capitalize  on  them. 


For  everybody  else: 

Reliable  =  Good. 
Unreliable  =  Bad. 


Computer  Associates™ 


HELLO  TOMORROW 


™  WE  ARE  COMPUTER  ASSOCIATES 


THE  SOFTWARE  THAT  MANAGES  eBUSINESS™ 


ca.com/brightstor/storage 


©2002  Computer  Associates  International,  Inc.  (CA).  All  trademarks,  trade  names,  service  marks,  and  logos  referenced  herein  belong  to  their  respective  companies. 
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Retail  IT  executives  talk  shop 

Supply-chain  gains  require  collaboration  with  partners,  senior  management  buy-in,  IT  execs  say. 


fcfc  We  all  like  to  work  on  sexy  projects.  I've 
been  bit  more  than  a  few  times  by  sparing 
some  expense . . .  .11 


■  BY  ANN  BEDNARZ 

CHICAGO  —  Retailers  need  to 
make  a  more  sincere  effort  to  col¬ 
laborate  with  their  suppliers  if 
they  are  to  realize  significant  sup- 
ply-chain  improvements,  IT  exec¬ 
utives  at  a  retail  technology  con¬ 
ference  said  last  week. 

Technologically  that  means 
tackling  systems  integration  so 
retailers  and  suppliers  can  easily 
exchange  data.  Culturally,  it 
means  letting  go  of  long-standing 
corporate  tendencies  to  closely 


Paul  Lanham 

CTO,  Jones  Apparel  Group 

guard  sales  and  forecasting  data. 
With  better  access  to  each  others 
data,  suppliers  stand  to  gain  by 
improving  production  schedules 
and  retailers  by  reducing  invent¬ 


ory  buildups. 

Yet  today  there’s  friction  along 
every  step  of  the  supply  chain, 
said  Brian  Kilcourse,  CIO  at 
Walnut  Creek,  Calif.,  drugstore 


IBM  revives  directory  focus  by 
acquiring  Norwegian  firm 


■  WEI  METAMERGE 


Location 

Oslo,  Norway 

Founded 

1998  as  ArchiTech 

Business 

Integration  software  for  directories. 

Key 

personnel 

Co-founders  Michael  Knagenhjelm,  a  former 
economist  and  investment  banker;  Johan  Varno, 
who  has  a  background  in  integration  of  large-scale 
networks;  and  Bjorn  Stadheim,  a  10-year  veteran 
of  Control  Data.  Also,  chief  marketing  officer 
David  Goodman,  who  spent  six  years  as  a  senior 
product  manager  at  IBM. 

Finances 

In  January  2001,  the  company  received  its  first 
venture  capital  investment  of  $3  million  from  RVC 
Greenhouse  Fund  and  Convexa  Capital. 

Key 

customer 

Norwegian  chemical,  metals  and  energy  supplier 
Norsk  Hydro. 

■  BY  JOHN  FONTANA 

Network  executives  looking  to 
create  user  management  systems 
to  support  Web  services  got  a  shot 
in  the  arm  last  week  from  IBM. 

The  company  spent  an  undis¬ 
closed  amount  to  acquire  Meta- 
Merge  and  its  metadirectory, 
which  is  used  to  integrate  systems 
with  a  directory.  IBM  intends  to 
use  it  in  tandem  with  its  IBM 
Directory  Server  (formerly  called 
SecureWay)  to  create  the  infra¬ 
structure  to  support  user  manage¬ 
ment  and  secure  access  to  Web 
services.  IBM  will  call  the  technol¬ 
ogy  IBM  Directory  Integrator. 

The  need  to  manage  user  identi¬ 
ties  and  control  access  from  with¬ 
in  and  outside  an  organization 
has  become  a  key  requirement  for  companies  build¬ 
ing  Web  services  architectures. 

Corporations  are  looking  to  the  directory  as  the 
foundation  for  tying  together  authentication  and 
authorization  systems  using  standard  emerging 
technologies  such  as  Security  Assertion  Markup 
Language,  Microsoft’s  recently  announced  Trust- 
Bridge  and  the  Liberty  Alliance  Project  that  Sun 
started. 

“Now  that  identity  management  has  become  a 
strategic  business  issue,  it  has  grabbed  the  attention 
of  IBM  and  its  customers,”  says  Jamie  Lewis,  presi¬ 
dent  of  Burton  Group. 

"IBM  has  to  get  this  infrastructure  in  place.  When 
the  directory  was  more  of  a  technology  discussion, 
it  was  clear  that  IBM  was  not  making  a  long-term  bet 
on  the  directory”  Lewis  adds. 

But  its  rivals  were.  Microsoft  has  its  MetaDirectory 
Service,  Novell  has  DirXML,  and  Sun  uses  its 
SunOne  MetaDirectory. Two  weeks  ago, Critical  Path 
upgraded  its  CP  Directory  4.1  and  CP  Meta¬ 
Directory  Server  3.3  to  provide  directory  services 
for  managing  users  and  access-control  information 
to  support  Web  services. 


“The  directory  market  has  broken  into  the  main¬ 
stream  as  identity  management,”  says  Scott  Silk, 
senior  vice  president  of  marketing  and  business 
development  for  directory  integrator  ePresence. 
“Identity  management  is  about  giving  the  right  peo¬ 
ple  access  to  the  right  information  at  the  right  time. 
Look  at  Web  services,  provisioning,  wireless,  mobile 
applications, identity, single  sign-on, and  it’s  all  tied  to 
the  director/ 

MetaMerge,a  private  company  founded  in  1998  in 
Norway,  seems  a  logical  fit  for  IBM’s  Java-based  Web 
services  platform.  But  Lewis  says  there  is  still  a  lot  of 
work  to  do  to  tie  together  all  the  IBM  software. 

IBM  plans  to  use  Directory  Integrator  to  tie  its  Tivoli 
Identity  Director  to  the  IBM  Directory  Server.  It  also 
will  integrate  with  WebSphere,  DB2  and  Lotus 
Notes/Domino,  the  cornerstones  of  IBM’s  Web  ser¬ 
vices  software  foundation. 

The  acquisition  brings  back  David  Goodman,  for¬ 
mer  IBM  senior  product  manager  who  is  now  chief 
marketing  officer  at  MetaMerge.  Goodman  spent  six 
years  with  IBM  overseeing  directory  services, first  for 
SoftSwitch,  then  Lotus,  and  is  an  authority  on  direc¬ 
tory  services* 


chain  Longs  Drug  Stores. Retailers 
are  conditioned  not  to  share 
data,  and  systems  naturally  differ. 
“The  vast  majority  of  our  efforts 
go  toward  just  managing  [com¬ 
munications]  between  our  com¬ 
panies,  our  systems,”  Kilcourse 
said. “That’s  why,  in  spite  of  every¬ 
thing,  we  still  have  a  messed-up 
supply  chain.” 

Kilcourse  took  part  in  a  round¬ 
table  at  the  Retail  Systems 
2002/VICS  Collaborative  Com¬ 
merce  conference.  The  forum 
was  led  by  Paul  Singer,  CIO  at 
Minneapolis  department  store 
chain  Target  Corp.  Singer  said 
retailers  and  suppliers  need  to 
change  their  adversarial  mindsets 
and  work  on  building  trusted 
partnerships.  “Time  has  to  be 
spent  on  building  this  level  of 
trust  between  two  companies  to 
make  sure  that  things  don’t  get 
derailed,”  he  said. 

Another  factor  hampering 
retailers  from  realizing  significant 
improvements  in  their  inventory 
and  markdown  levels  is  data 
integrity  said  Paul  Lanham,  CTO 
at  apparel  maker  Jones  Apparel 
Group  of  Bristol,  Pa.  The  No.  1 
obstacle  to  improving  the  accur¬ 
acy  of  product-demand  forecast¬ 
ing  is  that  inventory  information 
fed  into  systems  doesn’t  match 
what’s  in  the  stores,  he  says. 

Gage  Andrews,  CIO  at  Gordon 
Brothers  Group,  agreed.“lt  doesn’t 
matter  how  sophisticated  we  get 
with  sharing  the  information,  or 
knowing  what’s  coming  in,  if  we 
already  have  20  of  an  item  in  the 
wrong  place  in  the  store,  misiden- 
tified,”  Andrews  said. 

At  Gordon  Brothers,  work  is 
underway  to  build  a  common 


See  Retail,  page  48 
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■  THIS  WEEK  S  QUESTION: 

Intel  made  news  in  June 
for  shutting  down  which 
of  its  businesses? 

Answer  this  and  nine  additional  questions 
online  and  you  could  win  $500!  Visit 

Network  World  Fusion  and  enter  2349 
in  the  Search  jp. 

www.nwfusion.com 
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SENIOR  EDITOR:  ELLEN  MESSMER, 

(941)  792-1061 

SENIOR  EDITOR:  CAROLYN  DUFFY  MARSAN, 
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NetworkWorld 


Given  the  new  size  and  scope  of  WoridCom’s  network, 
the  company’s  financial  turmoil  will  be  far-reaching. 

2001  revenue 

More  than  $35  billion. 

Local  operations 

In  65  countries. 

Network 

96,000  network  route  miles,  including 
terrestrial  and  undersea  cable,  in  North 
America,  Europe,  Asia,  Latin  America, 
Australia  and  Africa;  more  than  3,800 
points  of  presence  and  more  than  2.1 
million  Internet  access  dial  ports. 

ATM 

Available  in  21  countries. 

Frame  relay 

Available  in  67  countries. 

Internet  access 

Available  in  more  than  80  countries. 

Network  operation 
centers 

Five  NOCs  —  three  in  the  U.S.,  one  in 
Amsterdam  and  one  in  Sydney  —  provide 

24-7  monitoring  and  management  of 
networks  globally. 

Share  of  Internet 
transit  revenue 

About  35% 

Internet  network 
capacity 

About  30%,  or  more  than  the  next  four 
largest  providers  combined. 

WorldCom 

continued  from  page  1 

The  cuts  represent  one-fifth  of 
WoridCom’s  workforce. 

Users  should  expect  customer 
service  levels  to  go  down  be¬ 
cause  of  the  cutbacks,  says  Hank 
Levine,  a  partner  in  Levine,  Blas- 
zak,  Block  and  Boothby  a  firm 
specializing  in  telecom  contract 
negotiations. 

“You  could  expect  a  degrada¬ 
tion  over  time  in  installation 
intervals  and  the  time  it  takes  to 
resolve  things  like  billing  errors,” 
he  says. 

Like  O’Connor,  Levine  says  it’s 
unlikely  that  WoridCom’s  network 
will  disappear  overnight. 

“WoridCom’s  network  is  not  go¬ 
ing  down,”  he  says.“That  wouldn’t 
serve  the  creditors’  purpose.” 

Levine  is  advising  his  clients 
who  use  WorldCom  to  be  certain 
they  have  redundant  connec¬ 
tions  from  other  carriers  running 
into  their  primary  sites.  That’s 
something  all  businesses  with 
mission-critical  locations  should 
have  regardless  of  their  carrier’s 
financial  health,  he  adds. 

WorldCom  customer  AFLAC,  a 
supplemental  insurance  com¬ 
pany  in  Columbus,  Ga.,  says  it’s 
not  worried  about  losing  telecom 
service,  in  part  because  it  has 
other  carriers  in  place. 

“Telecommunications  is  at  the 
core  of  our  business,  and  as  long 
as  we  continue  to  receive  service 
that  meets  our  needs  and  expec¬ 
tations,  we  will  continue  our  rela¬ 


tionship  [with  WorldCom]”  a 
company  spokeswoman  says.“We 
have  no  reason  to  anticipate  any 
disruption  in  service,  but  we 
would  be  able  to  obtain  services 
from  other  telecom  providers  if 
necessary’ 

Revealing  numbers 

WoridCom’s  financial  health,  al¬ 
ready  publicly  known  to  be 
shaky  was  shown  to  be  much 
worse  last  week.  An  internal 


audit,  ordered  by  the  company’s 
new  management,  revealed  that 
the  carrier  overstated  its  cash 
flow  for  2001  and  this  year’s  first 
quarter  by  $3.8  billion. 

Instead  of  recording  charges 
made  by  local  phone  companies 
for  terminating  WoridCom’s  long¬ 
distance  calls  as  expenses,  the 
company  acknowledged  it  had 
been  recording  the  charges  as 
capital  expenditures  —  an  illicit 
practice  so  egregious  that  Presi¬ 


dent  Bush  spoke  out  against  it 
and  the  Securities  and  Exchange 
Commission  (SEC)  filed  a  civil 
suit  alleging  fraud. 

Once  the  expenses  are  properly 
recorded, WoridCom’s  $1.4  billion 
profit  in  2001  and  its  $130  million 
profit  in  the  first  quarter  of  this 
year  will  be  restated  as  losses. 

While  it  remains  to  be  seen 
what  affect  WoridCom’s  situation 
will  have  on  a  struggling  telecom 
industry  the  company’s  size  and 
scope  suggest  it  will  be  major. 

WorldCom  operates  one  of  the 
world’s  largest  Internet  back¬ 
bones,  encompassing  more  than 
3,800  points  of  presence  around 
the  world.WorldCom  says  it  serves 
millions  of  business  customers. 

The  company  also  is  the  prim¬ 
ary  voice  and  data  provider  to  the 
U.S.  government  and  its  agencies. 
(In  a  statement,  the  U.S  General 
Services  Administration  says  it 
has  received  assurances  from 
WorldCom  that  service  would 
continue,  but  the  GSA  says  it  will 
monitor  service  quality) 

WoridCom’s  fall  has  been  large¬ 
ly  the  result  of  the  same  sorts  of 
problems  bringing  down  other 
carriers.  WorldCom  spent  billions 
of  dollars  building  a  high-capac¬ 
ity  nationwide  network,  only  to 
see  prices  plummet  and  demand 
for  data  services  fall  well  short  of 
the  carrier’s  expectations. 

What's  next? 

When  John  Sidgmore  took  over 
in  April  for  deposed  CEO  Bernard 
Ebbers,  he  insisted  he  had  no  in¬ 


tention  of  filing  for  bankruptcy 
But  the  recent  turn  of  events 
makes  a  Chapter  1 1  filing  a  real 
possibility  observers  say. 

WoridCom’s  lenders  have  said 
they  will  not  be  calling  in  their 
loans  immediately  And  the  carri¬ 
er  has  about  $2  billion  in  cash 
on  hand,  which  will  allow  it  to 
continue  operating  for  the  short 
term.  But  without  more  credit, 
WorldCom  would  have  trouble 
meeting  its  bond  payments  next 
year  when  $2.6  billion  in  bonds 
come  due.  The  carrier  has  $30 
billion  in  debt. 

Don  Carros.an  analyst  with  con¬ 
sulting  firm  Meta  Group,  says  he 
thinks  WorldCom  will  file  for 
Chapter  1 1  protection  in  the  near 
future.  Bankruptcy  would  let 
WorldCom  borrow  money  — 
something  the  company  has  little 
chance  of  doing  now  with  the 
accounting  revelations. 

Chapter  1 1  also  would  give 
WorldCom  a  chance  to  reorga¬ 
nize  and  establish  some  credi¬ 
bility  with  its  customers,  possibly 
preventing  them  from  jumping 
ship. 

Meta  Group  had  already  been 
advising  its  clients  to  avoid  World¬ 
Com  if  possible,  because  of  con¬ 
cerns  over  the  carrier’s  financial 
condition.  Now  Meta  Group  is  ad¬ 
vising  those  companies  with  exit 
clauses  in  their  WorldCom  con¬ 
tracts  to  see  if  those  clauses  will 
allow  them  to  leave. 

If  WorldCom  files  for  Chapter 
1 1  bankruptcy  though,  clients 
will  not  be  able  to  get  out  of 
their  contracts  even  if  they  have 
a  contract  clause  saying  they 
can  escape  in  the  event  of  a 
bankruptcy  filing.  Once  a  com¬ 
pany  files  for  Chapter  11,  cus¬ 
tomers  can  only  get  out  of  con¬ 
tracts  if  the  bankruptcy  court 
officials  and  the  bankrupt  com¬ 
pany’s  creditors  allow  it. 

WoridCom’s  woes  could  bene¬ 
fit  other  long-distance  carriers. 

Meta  Group  says  Sprint  and 
AT&T  will  be  among  the  largest 
beneficiaries,  because  among 
large  long-distance  carriers  in  the 
U.S.,they  are  the  most  stable. 

Levine  says  Broadwing  could 
benefit,  because  most  companies 
already  have  AT&T  as  either  a  pri¬ 
mary  or  secondary  provider. 

Qwest  is  unlikely  to  benefit 
much  from  WoridCom’s  prob¬ 
lems,  given  that  it  also  is  in  a  pre¬ 
carious  financial  position  and, 
like  WorldCom,  is  under  scrutiny 
from  the  SEC  for  possible 
accounting  irregularities  involv¬ 
ing  bandwidth  swaps.  ■ 
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Test  reveals  IDS  strengths,  weaknesses 


■  BY  ELLEN  MESSMER 

CAMBRIDGESHIRE,  ENGLAND  —  After 
pounding  on  six  intrusion-detection  systems, a 
network  equipment  test  lab  in  England  has 
concluded  that  while  IDS  products  spot  their 
fair  share  of  hacker  or  denial-of-service 
attacks,  there  is  still  room  for  improvement. 

The  NSS  Group  methodically  tested  three 
network-based  IDS  products  and  three  host- 
based  offerings  by  subjecting  each  group  to 
dozens  of  attacks  and  evasion  techniques.The 
test  results  and  the  description  of  the  lab 
methodology  used  are  available  this  week  at 
www.nss.co.uk. 

The  results  are  similar  to  those  Network 
World  found  by  in  its  recent  real-world  test  of 
eight  IDS  offerings  (www.nwfusion.com,  Doc- 
Finder  1052). 

“Some  products  have  improved  significantly 
since  the  last  time  we  tested  them,  [Internet 
Security  Systems’]  RealSecure  being  the  most 
striking  example,  while  some  have  not 
improved  in  any  real  way,”  says  Bob  Walder, 
director  of  the  tests  at  NSS  Group,  which  last 
December  tested  16  IDS  products  through. 


Fewer  companies  participated  this  time 
around,  citing  reasons  such  as  not  wanting  to 
pay  $7,500  to  have  NSS  Group  test  their  prod¬ 
ucts  and  because  of  where  they  are  in  their 
product  development  cycles. 

NSS  Group  this  time  sought  to  more  closely 
emulate  real-world  conditions  by  generating 
HTTP  sessions  with  the  Caw  Networks’ 
WebAvalancheAVebReflector  test  gear.  NSS 
Group  initiated  attacks  using  hacker  tools  and 
commercial  test  suites. 

IDS  sensors  and  management  consoles 
were  placed  on  an  Ethernet  LAN  with  3Com 
SuperStack  and  Foundry  Networks’  Fastlron 
switches  along  with  Intel  autosensing 
10/100M  bit/sec  network  interface  cards 
installed  in  each  target  host  for  Solaris,  Linux 
or  Windows. 

The  network-based  IDS  products  tested  were 
Cisco’s  Secure  IDS  4230,  ISS’s  RealSecure  7.0 
and  the  open  source  IDS  code  Snort  1.8.6, 
which  is  fast  becoming  part  of  many  commer¬ 
cial  products. 

RealSecure  7.0,  which  shipped  just  a  few 
weeks  ago,  held  up  best,  but  was  hardly  per¬ 
fect,  detecting  94  out  of  109  attacks,  missing  a 


few  Trojan  and  DoS  attacks  and  some  HTTP 
and  Internet  Control  Messaging  Protocol 
attacks.  RealSecure  7.0  was  the  only  IDS  to 
detect  all  40  of  the  evasion  techniques. 

Host-based  IDS  products  tested  were 
Entercept  Security  Technologies’  Entercept 
2.5,  NFR  Security’s  HID  2.0  and  Okena’s 
Storm  Watch  2.1,  which  all  faced  a  different 
battery  of  tests  than  the  network-based  offer¬ 
ings.  That  was  because  host-based  IDS  prod¬ 
ucts  are  expected  to  notice  attempts  to  tam¬ 
per  with  files,  operating  systems  and  user 
accounts  on  a  server  or  desktop. 

These  products  performed  well,  although 
shortcomings  surfaced,  such  as  an  inability  to 
monitor  logons  or  inadequate  alerting  on 
changes  of  user  rights  and  audit  policy 

The  Okena  and  Entercept  offerings  are 
called  “intrusion-prevention”  or  “behavior¬ 
blocking”  products  because  they  block  activity 
and  detect  it. 

While  managing  “behavior-blocking”  prod¬ 
ucts  can  be  costly  and  difficult, corporate  cus¬ 
tomers  using  them  say  they  have  blocked 
attacks  by  worms  such  as  Nimda  and  pre¬ 
vented  data  tampering.* 


In  a  world  where  there’s  a  different  kind  of  threat  every  day,  you  need  a  different  kind  of  security. 

New  threats  can  blow  through  any  firewall  or  anti-virus  software.  That's  why  we  deliver  seamless  information  protection 
with  centralized  management  for  networks,  servers  and  desktops.  From  proactive  research  and  award-winning  software  to 
24/7  protection  and  response  services,  our  solutions  detect,  prevent  and  respond  to  attacks  and  misuse.  And  it's  all  backed  by 
the  X-ForceT  our  global  protection  services  organization.  Want  to  see  more?  Call  800-776-2362.  Or  visit  www.iss.net/nww. 
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Cisco  raises  maintenance  fees 

Users  of  company's  older  routers,  switches  hit  hardest. 
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Takes 

■  IBM  last  week  improved  its  Unix 
server  line  with  the  release  of  a  four- 
processor  system  that  ships  with 
many  of  the  company’s  hardware  and 
software  features  normally  reserved 
for  higher-end  systems.  IBM’s  p630 
server  is  a  smaller  version  of  the 
larger  p690  that  uses  1-GHz  Power4 
processors  similar  to  those  in  the  big¬ 
ger  system.  The  p630  will  be  offered 
with  one  to  four  processors  and 
starts  shipping  next  month.  The  sys¬ 
tem  will  run  IBM's  AIX  operating  sys¬ 
tem  and  Linux.  The  company  will  intro¬ 
duce  in  the  fourth  quarter  dynamic 
partitioning,  letting  users  run  AIX  and 
Linux  on  the  same  server,  IBM  says. 
With  the  p630,  IBM  continues  its  move 
to  catch  Unix  market  leader  Sun.  Last 
week,  Sun  also  updated  its  midrange 
Unix  line  with  the  two-processor  to 

f  our- processor  V480  server  running  on 
900-MHz  UltraSPARC  III  processors. 
This  system  starts  at  $23,000  with 
two  900-MHz  UltraSPARC  Ills,  4G- 
bytes  of  memory  and  two  36G-byte 
disks. The  IBM  p630  with  one  proces¬ 
sor,  1G  byte  of  memory  and  one  18G- 
byte  disk  starts  at  $12,500.  www.ibm. 
com 

■  Hewlett-Packard  last  week 
revved  up  the  high-end  of  its  server 
line  with  faster  processors  in  its 
large  Superdome  server.  HP  is  swap¬ 
ping  the  server's  current  750-MHz 
PA-RISC  8700  processors  with  new 
875-MHz  PA-RISC  8700+  proces¬ 
sors.  The  Superdome  server  can 
accommodate  up  to  64  processors 
and  runs  HP’s  HP-UX.  The  faster 
chips  should  help  HP  keep  up  with 
competitors  Sun  and  IBM  in  the 
lucrative  Unix  server  market.  Sun 
and  IBM  have  revamped  their  high- 
end  systems  that  compete  with 
Superdome  in  recent  months.  During 
the  next  few  years,  HP  says  it  hopes 
to  move  away  from  the  PA-RISC 
chips  and  adopt  Intel’s  Itanium  chip 
across  most  of  its  server  line.  A  16- 
processor  Superdome  with  64G 
bytes  of  memory  starts  at  $400,000. 

A  top-of-the-line  64-processor  sys¬ 
tem  with  256G  bytes  of  memory 
starts  at  $1  million,  www.hp.com 


■  BY  PHIL  HOCHMUTH 

SAN  JOSE  —  Users  of  some  older  Cisco 
gear  will  pay  more  for  maintenance  con¬ 
tracts  as  Cisco  restructures  its  mainte¬ 
nance  contract  pricing  this  week. 

Increased  costs  of  about  5%  to  10%  on 
Cisco  SMARTnet  and  SMARTnet  Onsite 
maintenance  contracts  for  older  router 
product  families  —  such  as  the  Cisco 
4500, 4700  and  7500  —  took  effect  today. 
Increases  of  up  to  20%  on  Cisco’s  Content 
Family  Engine  products  also  were  insti¬ 
tuted.  While  the  increases  will  not  be  a 
major  hit  to  customers,  observers  say  the 
move  is  a  good  reminder  to  businesses 
that  they  should  keep  vigilant  about  their 
maintenance  plans,  and  what  their  ven¬ 
dors  are  doing. 

According  to  Ciscos  Web  site,  a  typical 
maintenance  contract  for  a  Cisco  7505 
would  cost  about  $5,100  per  year  under 
the  new  price  guidelines,  up  from  the  pre¬ 
vious  cost  of  $4,600  per  year.  A  4500  series 
router  would  cost  about  $  1 ,600  per  year  to 
maintain,  up  from  $1,430. 

According  to  Cisco,  the  hardware  service 
pricing  increases  will  affect  products  that 
have  not  had  increases  in  several  years. 
“The  price  increase  is  primarily  due  to 
cumulative  increases  in  the  cost  of  provid¬ 
ing  service  and  to  the  increasing  complex¬ 
ity  and  support  requirements,”  says  Mike 
Farabelli,vice  president, services  marketing 
at  Cisco  “These  service  adjustments  will 
affect  less  than  one  half  of  1%  of  Cisco’s 
existing  contractual  install  base.” 

The  increase  in  maintenance  costs  for 
older  gear  is  a  common  move  by  network 
vendors,  says  Lawrence  Orans,  senior  ana¬ 
lyst  with  Gartner. 

“It  costs  [Cisco]  more  money  to  provide 
maintenance  for  those  products,”  Orans 
says  of  the  4500,  4700  and  7500  product 
lines.“Cisco  has  new  products  that  are  out 
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Learn  how  to  get  the  most  out  of  your  vendor  contracts. 
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there  that  they  want  people  to  migrate  to, 
so  they’ll  charge  more  to  maintain  the 
older  products.That’s  sound  business.” 

While  Cisco  is  upping  some  of  its  hard¬ 
ware  maintenance  contract  pricing,  enter¬ 
prise  users  could  get  a  15%  to  35%  break 
on  pricing  for  its  Software  Application 
Support  and  Software  Application  Support 
plus  Upgrades  programs,  which  provide 
continuous  equipment  software  and  firm¬ 
ware  upgrades  for  customers. 

Overall, Orans  says, “this  is  not  something 
that  will  not  tax  the  budgets  of  IT  depart¬ 
ments  too  greatlyf’ 

The  10%  increase  on  certain  products 
won’t  be  too  much  of  a  burden  on  cus¬ 
tomers,  agrees  Stu  Feddersen,  vice  presi¬ 
dent  of  Network  Visions,  a  network  integra¬ 
tion  firm  in  Herndon, Va., that  specializes  in 
installing  Cisco  products.  “They ’ve  done  it 
before.” 

Gartner  says  customers  should  look  into 

See  Cisco,  page  14 


■  BY  TOM  KRAZIT 

NEW  YORK  —  Hewlett-Packard  last  week 
said  it  will  provide  hotels,  airports  and 
other  venues  with  wireless  Internet  access 
for  their  own  employees  or  the  public. 

HP  will  walk  interested  organizations 
through  the  wireless  LAN  installation  pro¬ 
cess,  from  designing  the  wireless  LAN,  in¬ 
stalling  the  network  equipment,  setting  up 
subscription  services  through  its  partners 
and  servicing  the  network,  says  Michael 
Flanagan,  worldwide  wireless  LAN  solu¬ 
tions  and  programs  manager  for  HP 

Companies  partnering  with  HP  include 
Cisco,  iPass,  Aptilo  Networks  and  Boingo 
Wireless.  HP  will  recommend  network 
access  points  from  Cisco,  hardware  from 
HP  and  software  from  Aptilo  to  customers, 
but  users  will  be  free  to  choose  their  own 
providers  based  on  their  business  needs, 
and  HP  will  install  that  equipment,  he  says. 
The  networks  will  use  the  802.11b  (Wi-Fi) 
wireless  LAN  standard. 

HP  customers  that  operate  public  facili¬ 
ties  such  as  airports  can  opt  for  single-pur- 
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More  and  less 

Cisco  this  week  will  increase  the  cost 
for  maintenance  contracts  on  some 
of  its  hardware  product  lines,  while 
lowering  costs  for  some  software 
support  services. 


Hardware 

Maintenance  con- 

products 

tract  increases 

Cisco  4500  router 

5%  to  10% 

Cisco  4700  router 

5%  to  10% 

Cisco  7500  router 

5%  to  10% 

Content  Engine 
products 

15%  to  35% 

Software  support 

Cost 

programs 

reductions 

Software  Application 

15%  to  35% 

Support 

Software  Application 

15%  to  35% 

Support  plus  Upgrades 

pose  or  dual-purpose  networks.The  choice 
is  between  providing  a  network  just  for  the 
public  and  letting  their  own  employees  ex¬ 
change  data  over  the  same  network. 
Choosing  a  dual-purpose  network  provides 
cost-savings  for  companies,  because  they 
would  only  have  to  maintain  one  network 
for  internal  and  public  data  transmissions, 
Flanagan  says. 

No  service  contract  will  be  required  as 
part  of  the  installation,  Flanagan  says. 
Customers  can  choose  to  manage  the  net¬ 
work  in-house  or  let  HP  manage  their  net¬ 
works,  he  says,  recommending  a  two-  or 
three-year  contract  for  those  who  select 
HP’s  services. 

Customers  who  sign  up  for  HP’s  wireless 
LAN  program  can  choose  between  sub¬ 
scription  services  from  Boingo  or  iP&ss, 
which  offer  users  around  the  world  a  net¬ 
work  of  wireless  LAN  “hot  spots,”  or  con¬ 
nection  zones.  They  can  be  billed  by  the 
hour,  day,  week  or  other  time  increments  by 
the  service  provider,  passing  along  costs  to 
their  public  users. 

See  HP,  page  14 
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I  still  spend  part  of  each  day  helping  net¬ 
work  managers  —  and  users  —  in 
forums  sponsored  by  both  Microsoft 
and  Novell  as  a  way  of  providing  free,  peer- 
to-peer  support.  Fifteen  years  ago,  when  1 
didn’t  know  the  difference  between 
Ethernet  coax  and  Arcnet  coax,  other  users 
and  managers  helped  me,  and  I’ve  always 
felt  the  need  to  return  the  favor. 

But  that’s  not  the  only  reason  I  still  partic¬ 
ipate.  Given  the  state  of  TV  and  movies 
these  days,  product  support  forums  also 
are  a  good,  inexpensive  source  of  enter¬ 
tainment.  For  example,  take  a  recent  post¬ 


A  little  help  from  a  friend 


ing  to  Novell’s  support  forums: 

“I  need  to  transfer  the  passwords  of  2,000 
users  from  one  [Novell  Directory  Services] 
tree  to  another.  I’m  reluctant  to  transfer  the 
whole  account  so  am  trying  to  get  away 
with  just  moving  the  password  into  new 
accounts.  However,  I  can’t  see  how  to  get  at 
the  private  key” 

it  makes  me  want  to  reach  out  and  shake 
the  questioner,  all  the  while  saying  in  a 
crisp,  measured  voice:  “Do  you  know  why 
it’s  called  a  private  key?  It’s  called  a  private 
key  because  no  one  except  that  user 
should  be  able  to  read  it!” 

Perhaps  the  number  of  security  bugs 
reported  during  the  past  few  years  have 
instilled  a  feeling  that  nothing  could 
possibly  be  secure.  Perhaps  network 
administrators  simply  believe  that  no 
fact,  no  piece  of  data  should  be  inac¬ 
cessible  to  them. 

As  regards  the  former  reason,  that  does¬ 


n’t  explain  why  similar  questions  have 
popped  up  since  I  first  started  monitoring 
help  forums  in  1986.The  latter  reason  also 
should  not  apply  because  it’s  so  easy  to 
decentralize  administration  of  networks 
these  days  that  any  informed  manager 
should  be  aware  that  not  all  data  needs  to 
be  available  to  one  single  person. 

So  what  we’re  left  with  is  people  running 
and  administering  networks  who  aren’t 
aware  of  the  network’s  capabilities  or  the 
simple  logic  of  a  term  such  as“private  key’ 

Simply  put,  the  past  decade  of  churning 
out  “certified”  managers,  administrators 
and  so-called  engineers  has  led  to  a  large 
increase  in  rote  learning  but  a  decided 
retreat  in  the  learning  of  troubleshooting 
methods  —  things  such  as  logic,  analogy 
and  deduction. 

This  keeps  the  forums  full  of  users  asking 
questions  that  shouldn’t  need  to  be  asked 
—  and  it  does  keep  me  entertained  —  but 


www.nwfusion.com 


it’s  also  a  sad  commentary  on  our  times. 

Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired 
@q  uill.com. 


Tip  of  the  Week 


II  f  you  really  do  need  help, 

I  though,  the  free  forums 
sponsored  by  Microsoft 
Novell  and  others  can  be  a 
real  boon.  Visit  http://sup- 
port.novell.com/forums/  and 
http://communities2.micros 
oft.com/home/  to  find  out 
MBS  more. 


Zambeel  launches  massive 
net-attached  storage  server 


■  BY  DENI  CONNOR 

FREMONT,  CALIF  —  Storage 
start-up  Zambeel  is  announcing  a 
massive,  network-attached  storage 
file  server  that  lets  users  provision 
resources,  applications  and  pro¬ 
cessing  power  by  department  or 
division  within  an  enterprise-size 
business. 

Called  the  Aztera,  the  file  server 
is  one  of  the  first  boxes  that  fits 
the  area  of  “utility-class  storage,” 
analysts  say,  where  storage  de¬ 
vices  can  be  subdivided  and  allo¬ 
cated  by  department  and  storage 
resources  charged  to  individual 
profit  centers. 

Each  Aztera  system,  like  other 
NAS  file  servers,  connects  to  the 
Ethernet  network.  That’s  where 
the  similarities  end.  Aztera,  which 
has  a  capacity  that  is  far  more 
than  other  vendor’s  NAS  devices 
—  3,200  terabytes  —  contains 
two  redundant,  integrated  Gigabit 
Ethernet  switches  that  connect  to 
the  network  on  one  side  and  to 
NAS-attached  drives  on  the  other 
side.  The  switches  create  a  con¬ 
nection  that  can  load  balance 
and  control  the  data  flowing  to 
the  device.  Four  Gigabit  Ethernet 
uplinks  provide  redundancy  for 
Aztera ’s  drives. 

“Zambeel’s  focus  on  having 
Gigabit  Ethernet  switching  inte- 
g rated  is  a  nice,  logical  step,"  says 
Jamie  t  ituener, senior  analyst  with 
Ihe  Yankee  Group.  “But  they  are 
not  going  to  be  alone  here.  In  the 
next  six  montfis  you  will  see  other 


Zambeel's  Aztera  file  server  sup¬ 
ports  a  switched  architecture  that 
lets  it  provision  resources,  applica¬ 
tions  and  performance. 

variations  coming  to  market.” 

in  the  area  of  integrated  switch¬ 
ing,  storage  gear  manufacturer 
Vixel  is  selling  a  2G  bit/sec  em¬ 
bedded  Fibre  Channel  switch  to 
disk,  tape  and  NAS  that  takes  the 
place  of  the  RAID  controllers  that 
interconnect  individual  disk  dri¬ 
ves  in  an  array  Vixel’s  InSpeed 
crossbar  switch  can  isolate  trou¬ 
blesome  drives,  provision  storage 
resources  and  increase  perfor¬ 
mance  as  much  as  three  to  four 
times  over  controller-based  archi¬ 
tectures,  according  to  the  firm. 
Z-Force,  a  storage  start-up  in 


stealth  mode,  also  will  compete 
with  Zambeel. 

The  integrated  switch  and  soft¬ 
ware  from  Zambeel  let  customers 
determine  the  portion  of  the  stor¬ 
age  capacity  or  resources  that  will 
be  allocated  to  individual  depart¬ 
ments.  Each  allotment  is  placed 
within  a  secure  domain  to  protect 
it  from  prying  by  other  depart¬ 
ments.  For  instance, accounting  or 
human  resources  data  could  be 
placed  on  the  same  machine 
with  marketing  and  sales  infor¬ 
mation  without  worries  that  the 
integrity  of  the  data  would  be 
compromised. 

“You  can  scale  the  performance 
based  on  the  file  system  or  [other 
parameters],”  says  Tim  Czer- 
wonka,  systems  administrator  at 
the  University  of  Wisconsin  in 
Madison.  “We  use  an  application 
that  runs  on  a  cluster  of  a  couple 
of  hundred  machines  and  a  file 
system  that  has  just  some  mirror 
data.  [On  the  Zambeel  box]  the 
mirror  data  got  less  [I/O]  opera¬ 
tions  per  second  than  the  several- 
hundred  cluster  application.” 

Data  in  each  domain  is  gathered 
into  one  pool  that  can  be  manip¬ 
ulated,  viewed  and  monitored 
from  one  management  interface. 

Disk  modules  installed  in  the 
Aztera  are  hot-swappable  and 
clustered.  When  a  drive  fails, 
another  drive  in  the  cluster  takes 
over  and  assumes  the  work  of  the 
failed  drive. 

Aztera  storage  system  is  avail¬ 
able  now  starting  at  $300,000.  ■ 
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third-party  maintenance  offerings 
if  they  are  looking  for  deals  on 
maintenance  costs,  but  the  firm 
warns  that  putting  one  degree  of 
separation  between  its  enterprise 
products  and  the  manufacturer 
could  cause  enterprise  cus¬ 
tomers  to  lose  some  control  over 
how  complex  technical  and 
maintenance  issues  are  handled 
through  Cisco  support. 

Arranging  maintenance  through 
the  firm  that  installed  the  network 
has  advantages  other  than  poten¬ 
tial  cost  savings,  Feddersen  says. 

“Getting  on-site  maintenance 
directly  [from  Cisco]  is  negative 
sometimes  from  a  customer 
standpoint,”  he  says.  “Sometimes 
you  may  get  someone  that  does¬ 
n’t  know  your  network  who  just 
brings  out  a  part  and  sticks  it  in.” 


Customers  with  direct  Cisco 
maintenance  deals  could  be  ser¬ 
viced  by  firms  that  were  not 
involved  with  the  installation  of 
the  gear. 

Analysts  and  consultants  also 
say  that  maintenance  contracts 
for  chassis-based  switching  and 
routing  products  should  be 
looked  over  carefully.  If  compa¬ 
nies  are  not  using  only  the  most 
complex  and  advanced  mod¬ 
ules  and  configurations  on  a 
product,  they  could  probably  go 
with  a  less-expensive  mainte¬ 
nance  plan,  the  firm  says. 

“Cisco  wants  to  sell  mainte¬ 
nance  on  everything,  but  some¬ 
times  it’s  just  not  practical,” 
Feddersen  says,  adding  that 
some  users  might  look  into  elim¬ 
inating  maintenance  contracts 
altogether  for  commodity  net¬ 
work  gear  that  runs  in  stable 
environments.  ■ 
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Pricing  for  larger  installations 
will  depend  on  the  size  of  the 
network,  the  length  of  the  con¬ 
sulting  engagement,  and  whether 
the  customer  assumes  responsi¬ 
bility  for  managing  the  network, 
Flanagan  says. 

Customers  looking  for  smaller 
networks  will  have  to  work  out 
pricing  with  channel  vendors 
based  on  the  number  of  access 
points  and  other  hardware  they 
require,  he  says. 

HP  is  testing  networks  at  many 
locations  in  North  America, 
Flanagan  says,  without  naming 
specific  venues.  Compaq’s  U  K. 
office  announced  a  partnership 
with  Aptilo  and  Kubi  Wireless  last 


month  to  set  up  “hot  spots,"  or 
wireless  LANs  in  Spain,  which  has 
connected  10  hotels,  he  says. 
Aptilo  puts  together  combina¬ 
tions  of  hardware  and  software 
that  let  wireless  LAN  service 
providers  manage  their  networks 
through  a  Web-based  manage¬ 
ment  tool  and  statistical-gather¬ 
ing  applications. 

Krazit  is  a  correspondent  with 
the  IDG  News  Service's  Boston 
bureau. 
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OMAHA  STEAKS 


PLAY  TO  WIN? 


(©server 


Omaha  Steaks’  online  sales  have  soared  150%  over  the  last  3  years.  And  with  20%  of  their  sales  now 
conducted  over  the  Web,  they  clearly  required  a  highly  available  server.  Since  deployment,  their 
IBM  (©server  iSeries™  has  been  rock  solid  (2  years,  no  unplanned  downtime).  And  that’s  a  job  well  done. 
For  a  complimentary  consultation  with  an  iSeries  specialist,  visit  ibm.com/eserver/omaha,  or  call 
1  800  426-7777  and  mention  priority  code  102AG006.  (g>A*j*o  «  fa ^  fZf***' 


All  numbers  and  results  reported  are  (tom  customer  sources.  Results  obtained  in  other  customer  environments  will  vary.  IBM.  the  e-business  logo,  e-business  is  the  game.  Play  to  win  and  iSeries  are  trademarks  or  registered  trademarks 
ol  International  Business  Machines  Corporation  in  the  United  States  and  for  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others  X2002  IBM  Corporation  All  rights  reserved 
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Does  your  remote  access  leave  you  a  little...  exposed? 


Si©  For  enterprise-class  security,  access  and  management,  Fiberlink  has  you  covered. 


Just  how  secure  is  your  remote  access?  How  dependable  is  it?  How  hard  is  it  to  manage?  If  you  want  easy  answers  to  these 
v  tough  questions,  you  need  Fiberlink.  •  Only  Fiberlink  delivers  a  level  of  integrated  security,  access  and  management  that  optimizes 
remote  access  —  anytime,  anywhere.  The  confidence  of  policy-enabled  remote  access,  with  integrated  authentication,  intrusion 
detection,  VPN,  distributed  firewall  and  virus  protection.  And  robust  tools  that  give  end-users  easy  access  and  administrators 

K  fewer  headaches.  «  It's  no  wonder  that  leading  analysts  such  as  Gartner,  Yankee  Group  and  Burton  Group  recommend  Fiberlink 
to  their  clients.  Did  we  also  mention  that  our  customers  typically  reduce  their  costs  by  as  much  as  80%? 

Learn  more  at  www.fiberlink.com  or  call  1-800-LINKNOW  today.  Before  you  catch  something. 

V  •  Fiberlink  Global  Remote:  for  mobile  professionals  Fiberlink  Secure  Broadband:  for  telecommuters  Fiberlink  Global  Connect:  for  branch  offices 


DNS  risks  lurk  in  corporate  networks 


■  BY  JOHN  FONTANA 

One  out  of  every  four  of  the  top  1,000 
companies  in  the  U.S.  has  a  security  flaw 
in  its  network  infrastructure  that  could  cut 
off  all  of  its  global  e-mail  and  Web-based 
traffic,  according  to  a  survey  to  be  pub¬ 
lished  this  month. 

While  the  flaws  are  not  yet  concern  for 
widespread  panic,  they  are  laying  dor¬ 
mant  in  many  organizations  and  network 
executives  should  correct  them  as  insur¬ 
ance  against  a  major  catastrophe,  warn 
experts  at  organizations  such  as  the  Na¬ 
tional  Infrastructure  Protection  Center,  an 
affiliate  of  the  FBI. 

The  problems  are  rooted  in  DNS,  a  glo¬ 
bal  distributed  database  that  matches 


■  BY  JOHN  FONTANA 

CAMBRIDGE,  MASS.  —  Users  looking  to 
cut  down  on  the  annoying  and  costly  prob¬ 
lem  of  dealing  with  spam,  take  heart.  Lotus 
last  week  said  it  would  include  server-side 
spam-filtering  controls  in  Domino  6.0 
when  the  collaboration  server  ships  later 
this  year. 

The  new  features  are  highlighted  by  a 


■  Eeye  Digital  Security  has  an 


nounced  the  second  version  of  its 
SecurellS  Application  Firewall 

that’s  used  to  shield  Microsoft  Internet 
Information  Servers  from  malicious 
hacker  attacks.  Eeye  added  en¬ 
terprise-level  central  policy  manage¬ 
ment  in  SecurellS  2.0  so  IT  managers 
can  centrally  control  and  receive 
event  logging  for  up  to  500  servers  at 
one  time  from  a  single  management 
console.  The  software,  which  starts  at 
$1,000,  also  provides  real-time  statisti¬ 
cal  charts  and  determines  network 
configuration,  www.eeye.com 


Web  site  URLs  to  a  numerical  IP  address. 
DNS,  which  governs  routing  of  all  traffic 
on  the  Internet,  contains  billions  of 
records,  answers  billions  of  queries  and 
accepts  millions  of  updates  from  millions 
of  users  on  an  average  day. 

DNS  is  a  hierarchy  of  servers,  including 
13  master  “root”  servers.  On  the  lower  end 
of  the  hierarchy,  every  organization  that 
has  a  domain  name  depends  on  the  relia¬ 
bility  of  its  own  DNS  name  servers  to 
maintain  an  Internet  presence. 

According  to  a  survey  conducted  in  June 
by  DNS  consulting  and  software  company 
Men  &  Mice,  27%  of  Fortune  1000  com¬ 
panies  have  DNS  configurations  that  put  all 
their  name  servers  on  the  same  subnet  — 
an  independent  segment  of  a  larger  net¬ 


rules-processing  control  similar  to  the  fea¬ 
tures  in  Notes,  the  client-side  software  of 
the  Lotus  collaboration  suite.The  other  fea¬ 
ture  is  the  ability  to  run  real-time  queries 
against  public  “blackhole”  lists,  which  pro¬ 
vide  the  addresses  of  known  spammers. 

“Customers  are  telling  us  that  spam  is 
costing  them  lots  of  money?’  says  Ed  Brill, 
senior  manager  for  messaging  and  collab¬ 
oration  at  Lotus.  “These  new  features  can 
help  save  money  and  help  administrators 
save  end  users  time.” 

Spam  is  a  growing  problem  for  corpora¬ 
tions,  in  the  amount  of  spam  and  the  cost 
to  deal  with  it.  According  to  Osterman  Re 
search,  spam  volumes  can  reach  15.6  mil¬ 
lion  messages  annually  for  a  company  of 
5,000  users,  resulting  in  a  cost  of  dealing 
with  that  spam  at  just  less  than  $344,000 
each  year. 

But  the  Osterman  study  says  that  anti¬ 
spam  filtering  won’t  wipe  out  that  cost 
completely  The  study  says  users  will  see 
costs  associated  with  evaluating, deploying 
and  maintaining  antispam  products. There 
also  are  costs  for  the  occasional  false  posi¬ 
tive  that  prevents  e-mail  from  reaching  its 
intended  destination  and  extra  loads 
placed  on  mail  servers  and  storage. 

Brill  says  Domino  will  suffer  a  perfor¬ 
mance  hit  and  users  will  have  to  weigh  the 
trade-offs. 

The  rules  filtering  will  let  administrators 

See  Lotus,  page  18 


work  —  which  creates  a  single  point  of 
failure. 

“When  [corporate]  name  servers  be 
come  unavailable  the  consequences  can 
become  disastrous,”  says  Sigurdur  Rag- 
narsson.CTO  of  Men  &  Mice.’A  user  typing 
in  your  domain  name  does  not  automati¬ 
cally  get  the  corresponding  IP  number  for 
the  host  computer.  An  email  will  fail  to 
find  a  mail  server  willing  to  accept  the  e- 
mail  and  it  will  bounce  back  to  the 
sender.  In  other  words,  for  all  practical  pur¬ 
poses  your  company  has  vanished  from 
the  face  of  the  Internet.” 

Another  aspect  of  the  DNS  problem  is 
that  the  global  database  is  attracting  the 
interest  of  hackers. 

“We  see  scanning  all  the  time  on  DNS 
and  other  security  points  so  we  treat  DNS 
security  seriously”  says  Nhan  Vo,  network 
director  of  the  Duke  University  Health  Sys¬ 
tem  in  Durham,  N.C. 

“The  router,  switches  and  DNS  are  the 
most  critical  infrastructure  components  on 
our  network,”  Vo  says,  adding  that  he  is 
comfortable  with  his  DNS  configuration 
that  incorporates  redundancy  and  failover. 

But  Vo’s  diligence  is  not  the  case  every¬ 
where.  In  January  2001,  Microsoft  was  off¬ 
line  for  nearly  two  days  because  its  DNS 
configuration  was  on  a  single  subnet,  a 
fact  that  was  first  exposed  by  a  router 
problem  and  then  exploited  by  hackers 
launching  denial-of-service  (DoS)  attacks 
to  further  embarrass  Microsoft. 

Ragnarsson  says  while  DNS  is  not  com¬ 
plex,  it  plays  a  more  vital  role  in  networks 
than  indicated  by  the  amount  of  time  cor¬ 
porations  dedicate  to  its  upkeep. 

Men  &  Mice  finds  a  consistent  percent¬ 
age  of  corporate  name  servers  that  con¬ 
tain  configuration  errors  or  buggy  DNS 
software  that  leave  a  company  vulnerable 
to  losing  DNS  service,  DoS  attacks  and  out¬ 
right  hijacking  of  name  servers. 

While  attacks  on  DNS  are  not  an  every¬ 
day  occurrence,  SANS  Institute’s  Dshield 
.org  Web  site,  which  collects  reports  of 
cracking  attempts  from  all  over  the 
Internet,  received  reports  of  nearly  135,000 
scans  of  DNS  servers  during  the  week  of 
June  17. 

Many  experts  say  foundations  of  the 
Internet  infrastructure,  such  as  DNS,  are 
starting  to  interest  hackers  who  are  getting 
bored  with  exploiting  Web  servers  or 
e-mail  software. 

“With  regards  to  security  vulnerabilities, 
the  black  hats  are  exhausting  the  easy 
attacks  and  as  time  goes  on,  we  will  see 


Risk  factors  for  DNS  failure 

Domain  Name  System,  which  gov¬ 
erns  routing  of  all  traffic  on  the 
Internet,  is  not  a  complex  service, 
but  it  can  cause  major  problems  if 
not  configured  correctly.  Here  are 
a  few  major  issues  to  watch  out  for: 

•  Lack  of  redundancy:  Providing  the 
same  IP  address  for  both  primary 
and  secondary  DNS  name  servers 
makes  them  dependent  on  a  single 
server,  therefore  creating  a  single 
point  of  failure. 

•  Incorrect  configurations:  Failing 
to  list  all  DNS  name  servers  in 
domain  registration  records  might 
result  in  only  one  name  server  having 
authoritative  DNS  information. 

•  Architectural  flaws:  Locating  all 
DNS  name  servers  on  the  same 
physical  network  segment  or  behind 
the  same  router  means  a  fiber  cut, 
routing  misconfiguration  or  denial- 
of-service  attack  can  make  all  of 
them  simultaneously  unavailable, 
crippling  DNS. 

SOURCE:  NATIONAL  INFRASTRUCTURE  PROTECTION  CENTER 

larger  numbers  of  attacks  on  more  com¬ 
plex  infrastructure  like  DNS,”  says  David 
Conrad,  CTO  of  Nominum,  a  DNS  service 
provider. 

“DNS  attacks  are  something  we’ll  see 
more  and  more  of  because  even  a  couple 
of  hours  of  downtime  can  have  a  serious 
impact  on  a  companyf  says  David  Ellis, 
senior  technical  analyst  for  Carlson 
Shared  Services,  a  travel,  hospitality  and 
marketing  firm. 

Network  executives  that  want  to  protect 
themselves  should  check  their  DNS  config¬ 
urations  and  the  versions  of  DNS  software 
they  run,  Conrad  says. 

“How  concerned  companies  are  about 
DNS  issues  depends  on  how  big  the  com¬ 
pany  is  and  for  how  long  it  is  willing  to  be 
down  —  an  hour,  a  day,” says  Martin  Lind¬ 
ner,  team  leader  for  incident  ‘handling 
for  CERT. 

Lindner  says  every  company  should  have 
a  set  of  best  practices  it  follows. 

As  with  the  Microsoft  debacle,  name  ser¬ 
vers  should  not  be  on  the  same  subnet,  but 
they  also  should  not  be  behind  a  single 
router  or  on  a  single  leased  line.  Servers 
should  be  spread  out  over  a  geographic 
area,  preferably  not  in  the  same  neighbor- 

See  DNS,  page  18 
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The  librarian  has  spoken.  Right  on 
schedule,  the  Librarian  of  Congress 
decided  what  royalty  rates  Webcast- 
ers  will  have  to  pay  to  stream  music  out 
onto  the  Internet.  The  decision  is  bad 
news  for  many  Internet  radio  stations  and 
listeners,  and  has  the  record  companies 
poor  mouthing  their  way  to  the  bank. 

This  column  follows  two  previous  col¬ 
umns  (see  www.nwfusion.com,  DocFin- 
ders:  1028  and  1029)  that  covered  progress 
of  the  proposal  for  Internet  radio  stations 
to  pay  royalties  to  record  companies  and 
performers. 


The  final  (for  some)  report 


By  law,  the  final  decision  about  the  level 
of  the  payments  was  left  to  the  Librarian 
of  Congress.  At  first  glance,and  in  the  eyes 
of  many  headline  writers,  the  librarian 
came  out  swinging  and  cut  the  proposed 
fees  in  half.  But  in  reality,  the  fees  stayed 
just  about  the  same  for  over-the-air  sta¬ 
tions  that  copy  their  broadcast  over  the 
’Net  and  stayed  prohibitive  for  most  of  the 
few  thousand  existing  Internet-only  Web- 
casters.  (See  www.nwfusion.com,  Doc- 
Finder:  1038  for  the  final  regulations.) 
Lower  fees  apply  to  some  noncommercial 
Webcasters. 

The  fee  level  will  be  hard  for  even  the 
larger  commercial  stations  with  strong 
advertising  revenue  to  justify  —  unless 
there  is  significant  change  in  how  much 
advertisers  will  pay  to  reach  listeners  half¬ 
way  across  the  country.  The  fees  are 
impossible  for  small  experimental  sta¬ 
tions;  I  expect  that  almost  all  of  them  will 


go  out  of  business  soon. 

To  me,  this  is  a  shortsighted  plan,  but  is 
consistent  with  the  approach  that  the 
copyright  industry  has  followed  for  many 
years.  The  industry  has  fought  every  tech¬ 
nical  advance  with  the  claim  that  the 
technology  will  drive  its  members  out  of 
business.  Historically,  every  time  that  the 
industry  has  lost  its  fight,  such  as  in  the 
case  of  VCRs,  the  industry  winds  up  mak¬ 
ing  lots  of  money  Every  time  it  has  won, 
the  industry  ends  up  killing  the  media  — 
music  on  DAT  tapes,  for  example. 

In  this  latest  case,  the  industry  is  killing 
the  companies  that  are  experimenting 
with  this  new  media,  the  very  companies 
that  would  be  most  likely  to  figure  out 
new  ways  for  the  copyright  folks  to  make 
money.  Sure,  the  commercial  stations 
should  pay  a  fee,  but  that  fee  should  take 
into  account  what  sort  of  revenue  can  be 
realized  for  this  type  of  service. These  fees 


do  not  do  that. 

When  I  last  wrote  about  this  topic,  my 
editor  wanted  to  know  how  it  related  to 
enterprise  network  professionals,  the 
Network  World  target  reader.  A  flip 
answer  is  that  network  professionals  are 
people,  and  some  of  them  find  listening 
to  music  at  work  improves  the  environ¬ 
ment.  But  the  more  important  reason  is 
that  this  is  yet  another  example  of  the 
general  case  of  pricing  based  on  any¬ 
thing  but  the  real  world  of  what  people 
are  willing  to  pay. 

Something  we  run  into  all  the  time  in 
the  network  business. 

Disclaimer:  Harvard’s  music  department 
did  not  tell  me  what  it  thought  of  this 
topic,  so  the  above  lament  is  my  own. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 
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hood  or  city  in  case  a  line  cut  or  another 
accident  or  disaster  knocks  out  significant 
portions  of  a  metropolitan  area. 

Users  also  should  run  the  latest  DNS  soft¬ 
ware  or  known  stable  versions  of  DNS  soft¬ 
ware,  a  simple  precaution  many  ignore, 
according  to  Men  &  Mice.  The  majority  of 
name  servers  on  the  Internet  run  Berkeley 
Internet  Name  Domain  (BIND). The  stable 
versions  are  8.2.5  and  9.2.1.  Earlier  this 
month, CERT  issued  a  warning  that  BIND  9 
contained  a  vulnerability  that  could  let  a 
hacker  shut  down  a  name  server  and  ad¬ 
vised  users  to  upgrade  to  9.2.1,  which  was 
released  in  May 

There  are  DNS  software  alternatives.  Veri- 
Sign  has  its  own  called  Atlas,  and  Microsoft 
developed  DNS  software  as  part  of 
Windows  2000.  There  also  is  a  freeware 
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filter  words  and  messages  in  every  e-mail 
that  enters  the  organization,  and  reroute, 
flag  or  delete  the  message  from  the  system 
before  it  gets  into  end-user  mailboxes. 

The  rules  filtering  can  be  used  in  con¬ 
junction  with  filtering  features  in  Notes, but 
the  intention  is  to  minimize  the  amount  of 
filtering  work  end  users  have  to  do. 

The  blackhole  feature  lets  users  link  to 
public  antispam  sites  as  a  means  for  filter¬ 
ing  email.  Domino  administrators  can  take 
one  of  three  actions  on  spam:  log  that 
spam  has  been  received;  add  a  field  to  the 
message  that  it  is  from  a  known  spam  site 
and  use  the  field  to  filter,  flag  or  run  reports 
on  messages;  or  delete  the  message. 

The  spam  features  have  been  beta  tested 
in  the  prerelease  version  of  Domino  6, 
which  shipped  May  7.  Lotus  officials  say 
they  plan  to  have  one  more  beta  version  of 
the  software  before  final  shipment  this  fall. 

Lotus  competitor  Microsoft  Exchange 


DNS  called  djbdns. 

Running  stable  software  also  guards 
against  attacks  on  DNS  that  insert  false 
information  in  name  servers,  so-called 
cache  poisoning  and  spoofing,  which  can 
redirect  users  to  rogue  Web  sites.  Protection 
against  cache  poisoning  was  added  to 
Version  8.12  of  BIND,  but  it  is  still  an  issue 
with  Microsoft’s  DNS  server. 

Users  should  check  the  delegations  with¬ 
in  their  name  servers, so  requests  they  can’t 
answer  are  delegated  to  name  servers  that 
have  the  answer.  So-called  lame  delega¬ 
tions  can  open  users  to  cache  poisoning. 

The  issue  of  DNS  security  is  getting  atten¬ 
tion  from  the  creator  of  the  protocol.  The 
Internet  Engineering  Task  Force  (IETF)  has 
been  working  since  1996  on  DNS  Security 
Extensions  (DNSSEC),a  set  of  security  tools 
for  securing  the  protocol  using  public-key 
cryptography  techniques.  DNSSEC,  how¬ 
ever,  has  not  found  much  acceptance.  The 


also  has  simple  spam-filtering  capabilities 
in  its  Exchange  2000  server  and  client-side 
filtering  in  its  Outlook  client. 

Lotus  and  Microsoft  also  have  third-party 
partners  that  supply  antispam  software  for 
their  mail  servers. 

Lotus  says  its  new  Domino  features  pro¬ 
vide  baseline  features  and  that  third-party 
tools  will  continue  to  support  tighter  fil¬ 
tering  controls. 

Pricing  for  Domino  6  has  yet  to  be 
announced.  ■ 
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first  implementation  was  introduced  with 
BIND  9. 

Two  weeks  ago,  the  Internet  Software 
Consortium,  which  distributes  BIND  free  of 
charge,  said  the  next  version,  9.3,  would 
include  a  technology  called  Delegation 
Signer,  which  makes  it  possible  to  scale 
DNSSEC.  Also  Nominum  and  VeriSign  have 
proposed  a  DNS  modification  called  Opt- 


■  BY  JOHN  COX 

CAMBRIDGE,  MASS.  —  Curl  last  week 
unveiled  a  new  version  of  its  software  for 
helping  users  build  Web  applications  that 
behave  like  PC  applications. 

The  Curl  Client/Web  Platform  is  a  set  of 
software  tools  and  a  run-time  environment 
that  downloads  and  runs  code  in  a  Web 
browser. The  client  code  makes  use  of  the 
local  operating  system  to  create  a  graphi¬ 
cal  user  interface  (GUI)  that’s  fast  and 
highly  interactive.The  new  version  of  what 
was  formerly  called  Surge  includes  a  visu¬ 
al  layout  editor,  a  run-time  that  starts  and 
runs  faster,  and  new  security  features. 

Anyone  who  has  used  a  Web  version  of  a 
PC  application, such  as  Microsoft  Outlook’s 
Web  client,  knows  the  problem  Curl  tries  to 
solve.  The  Web  client  is  convenient  be¬ 
cause  all  you  need  is  an  Internet  connec¬ 
tion  and  a  Web  browser.  The  browser,  how¬ 
ever,  is  less  usable  than  a  Windows  or  Unix 
Motif  user  interface.  It  misses  such  things  as 
drop-down  lists,  menus,  drag-and-drop  — 
in  short  all  the  things  that  can  be  done 
when  you  have  an  operating  system  under¬ 
neath  the  GUI  instead  of  some  HTML  tags 
talking  to  a  Web  server. 

“It’s  hard  to  build  a  powerful,  compelling 
interface  for  a  browser  application,”  says 
Randy  Souza,  an  analyst  with  the  customer 
experience  group  at  Forrester  Research. 

A  number  of  rivals,  mostly  small  start-ups, 
are  attacking  this  problem  in  various  ways. 


In,  that  would  let  DNSSEC  be  deployed 
incrementally  instead  of  all  at  once. 

Security  also  has  caught  the  eye  of  the 
Internet  Corporation  for  Assigned  Names 
and  Numbers,  which  manages  Internet 
addresses,  among  other  things.  Last  month, 
it  established  the  Security  and  Stability 
Advisory  Committee  to  look  into  securing 
DNS  and  IP  address  allocation  system.  ■ 


Appstream  has  software  that  streams 
pieces  of  Windows  applications  to  a  client, 
minimizing  the  client  load  to  what  the  user 
needs  at  any  given  moment.  Others, such  as 
Curl,  are  trying  to  create  some  type  of  “intel¬ 
ligent  client,”  Souza  says. Those  companies 
include  Altio,  Nexaweb  and  a  French  com¬ 
pany,  Esual,  which  will  introduce  its  prod¬ 
uct  to  the  U.S.  in  the  next  few  weeks. 

Better  known  is  Macromedia,  but  Souza 
says  the  company  is  focused  on  Web  de¬ 
velopers  and  e-commerce  applications 
rather  than  corporations.“The  dark  horse  is 
Microsoft,”  he  says.“On  the  .Net  agenda  are 
some  more  things  that  can  be  down  with 
the  Common  Language  Runtime  and  a 
product  called  Windows  Forms.  With  these, 
you’ll  be  able  to  build  richer  clients." 

The  original  release  of  Curl  Surge,  in  2001, 
emphasized  the  Curl  language,  the  fruit  of  a 
project  sponsored  by  the  Defense  Advan¬ 
ced  Research  Projects  Agency  In  the  past 
year,  Curl  executives  have  focused  on  mar¬ 
keting  the  software  as  a  platform  —  a  set  of 
design  and  development  tools,  and  deploy¬ 
ment  services  that  can  be  used  to  create 
so-called  “rich”  Web  clients.  Curl  now  is 
focusing  on  two  markets:  customers  devel¬ 
oping  their  corporate  portals  and  intranets, 
and  independent  software  vendors. 

The  software  can  be  downloaded  from 
an  application  server  to  a  PC  or  laptop. The 
Curl  platform,  now  available,  starts  at 
$25,000.  Evaluation  copies  are  free  at 
www.curl.com  ■ 
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BUSINESS  SOFTWARE:  Managing  money. 


Navigating  the  compensation  quagmire 


■  BY  ANN  BEDNARZ 

DirecTV  CIO  Bob  Pacek  needed  software  that  could 
automate  his  sales  team  commission  payments, 
handle  multiple  complicated  compensation  pay¬ 
ments,  understand  business  rules  and  accept  frequent 
changes  to  those  rules.  Plus,  the  software  needed  to  do  all 
this  in  a  manner  that  could  be  audited. 

That's  where  Callidus  Software  came  in.  Callidus’ True- 
Comp  is  one  offering  in  a  rapidly  growing  segment  of 
the  software  market  known  as  incentive  compensation 
management. This  software  is  aimed  at  managing  com¬ 
plicated  compensation  scenarios  —  making  it  easier  for 
compensation  designers  to  edit  bonus  plans,  easier  for 
sales  teams  to  understand  and  verify  how  their  compen¬ 
sation  was  calculated,  and  easier  for  managers  to  com¬ 
municate  sales  objectives  to  the  field. 

DirecTV  sells  its  digital  satellite  television  services 
through  a  network  of  25,000  dealers. The  El  Segundo, 
Calif.,  provider  has  different  business  arrangements 
with  individual  dealers  and  groups  of  dealers  that  sell 
directly  to  its  10.7  million  customers.Terms  differ,  and 
product  promotions  vary  according  to  factors  such  as 
schedule,  duration  and  geographic  district. 

Automating  commission  payment  calculations,  there¬ 
fore,  requires  software  that  can  understand  business 
rules  and  accept  frequent  changes  to  those  rules  — 
without  requiring  IT  assistance  to  handle  each  new 
contract  arrangement.  In  addition,  application  integra¬ 
tion  features  are  critical.  Incentive  compensation  appli¬ 
cations  have  to  be  able  to  work  with  CRM  systems  to 
extract  data  such  as  customer  names  and  quotas;  with 
human  resources  systems  to  retrieve  tenure,  salary  and 
bonus  information;  and  with  enterprise  resource  plan¬ 
ning  (ERP)  systems  to  access  transactional  product, 
pricing  and  promotional  information. 

At  DirecTV,  the  Callidus  software  is  tied  to  back-end 
systems  including  billing  software  that  stores  informa¬ 
tion  about  the  customers  associated  with  each  dealer; 
and  commitment  systems  for  tracking  the 
contractual  commitments  customers  make 
at  the  time  of  a  sale,  Pacek  says. 

A  new  era 

Until  recently  software  sophisticated 
enough  to  handle  incentive  management 
for  large  companies  didn’t  exist,  which  is 
why  DirecTV  and  others  relied  on  myriad 
custom  applications  to  compensate  sales¬ 
people  and  dealers. 

But  these  custom  applications  “have 
turned  into  quite  complicated  legacy  sys¬ 
tems  that  require  a  great  deal  of  overhead 
to  maintain,”  Pacek  says.  For  him,  the  chance 
to  retire  aged  legacy  systems  was  a  driver  in 
rolling  out  incentive  compensation  soft- 
ware.“l  wouldn’t  be  doing  this  if  we  were 
not  able  to  retire  legacy  systems,”  Pacek  says. 

DirecTV  isn’t  the  only  company  tired  of  costly  re¬ 
designs  to  keep  legacy  systems  in  sync  with  continually 
shifting  contract  arrangements.  Companies  in  growing 
numbers  are  looking  to  buy  packaged  compensation 
management  software  rather  than  rebuild  or  patch  exist- 


Compensation  management  software  is 
designed  to  automate,  analyze  and  manage 
complex  incentive  compensation  plans. 


Pros: 


•  Offers  greater  flexibility  than  homegrown  systems. 

•  Can  reduce  compensation  payment  errors. 

•  Enables  consistent  communication  with  sales  teams. 

•  Provides  bundled  analytic  and  modeling  tools. 


Cons: 


•  Viability  of  small  best-of-breed  vendors  is  not  certain. 

•  Large,  enterprise  suite  vendors  offer  limited 
features. 

•  Some  Web-based  versions  are  not  fully  mature. 


ing  homegrown  systems,  says  Joe  Galvin,  vice  president 
and  research  director  at  Gartner. 

While  the  market  for  what  Gartner  terms  “incentive 
compensation  management”  software  is  relatively 
young,  by  next  year  it  will  be  exploding,  Galvin  says. 

Small  vendors  that  specialize  in  compensation  man¬ 
agement  are  playing  a  big  role  in  this  market  emer¬ 
gence.  These  include  Callidus,  Incentive  Systems  and 
Synergy,  which  got  its  start  selling  compensation  man¬ 
agement  services  and  now  offers  packaged  software, 
too. 

Lately  larger  enterprise  software  vendors  are  eyeing 
the  market,  too.  Siebel  Systems,  Oracle  and  SAP  offer 
incentive  compensation  modules  (ICM)  bundled  with 
CRM  or  human  resources  packages.  And  last  month, 
PeopleSoft  announced  plans  to  deliver  its  own  compen¬ 
sation  management  offering  later  this  year. 

In  general,  the  new  players  offer  greater  and  more 

sophisticated  features,  while  the  established 
suite  vendors  might  have  more  clout  with 
companies  that  are  wary  of  small  vendors’ 
corporate  viability,  Galvin  says. 

DirecTV  went  with  one  a  smaller  player. 
But  before  committing  to  Callidus,  Pacek  fed 
TrueComp  some  of  DirecTV’s  tougher  con¬ 
tracts  to  be  sure  the  software  could  track 
complicated  schemas,  he  says.  He  found  it 
could  do  the  job  better  than  his  legacy  sys¬ 
tems  —  which  wasn’t  the  case  just  a  few 
years  ago  when  he  first  evaluated  ICM  soft¬ 
ware,  Pacek  says. 

Galvin  agrees.Three  years  ago,  the  software 
was  new  and  users  were  considered  on  the 
leading  edge,  he  says. Today’s  products  are 
more  mature. 

Incentive  compensation  applications 
today  are  more  scalable  than  they  were  in  their  first  iter¬ 
ations.  As  vendors  built  up  their  systems,  they  tacked  on 
modules  and  plugged  in  external  elements,  such  as 
reporting  engines,  to  the  detriment  of  performance  and 
scalability,  Galvin  says. This  precluded  some  early  pio¬ 
neers  from  attracting  large  customers. 


Today,  the  vendors  have  redesigned  their  systems  to 
handle  large-scale  implementations,  Galvin  says.  And  the 
vendors  are  in  various  stages  of  migrating  their  products 
from  client/server  architectures  to  Web-based  Java  2 
Platform  Enterprise  Edition-compliant  versions. 

Simplification  sought 

Driving  interest  in  compensation  management  soft¬ 
ware  is  a  need  for  companies  to  simplify  the  administra¬ 
tion  of  complex  incentive  plans.  Homegrown  systems 
are  unwieldy,  and  often  only  a  few  experienced  com¬ 
pensation  analysts  understand  how  the  systems  have 
morphed  over  time  to  handle  plan  changes. 

At  Kinko’s,  the  administrative  challenge  of  supporting 
multiple  programs,  the  majority  of  which  were  spread¬ 
sheet-based,  became  too  much,  says  Wes  Wada,  vice 
president  of  compensation  benefits  and  human  re¬ 
sources  management  systems  at  the  Dallas  company. 

Kinko’s  employs  20,000  people.  Each  employee  is  part 
of  a  variable  pay  plan,  from  corporate  sales  personnel 
who  receive  commissions  to  hourly  store  attendants 
who  are  entitled  to  profit-sharing  rewards. 

Some  incentive  plans  pay  monthly  or  quarterly  some 
pay  annually,  Wada  says.  Keeping  the  programs  straight 
required  maintaining  a  variety  of  software  programs  and 
sometimes  manually  exchanging  data  between  them. 
“Obviously  that  was  less  than  efficient,”Wada  says. 

So  Kinko’s  opted  for  software  from  Incentive  that,  once 
fully  deployed  this  summer,  will  let  the  business  services 
company  administer  all  its  variable  pay  plans  from  within 
one  software  program.“What  Incentive  Systems  will  give 
us  is  a  better  collection  point  for  data,”Wada  says.  It  also 
will  let  employees  monitor  how  they  perform  against 
their  sales  objectives,  Wada  says. 

In  general,  packaged  incentive  compensation  applica¬ 
tions  appeal  to  companies  that  have  a  failed  or  broken 
system;  are  considering  a  complete  redesign  of  their 
compensation  plans;  or  are  newly  merged  with  another 
sales  team,  Galvin  says.They  are  suited  for  companies 
with  more  than  200  or  300  salespeople. 

Implementation  can  be  relatively  fast,  taking  just 
three  to  six  months  depending  on  the  number  of  pay¬ 
ees,  volume  of  transactions,  number  of  compensation 
plans,  and  complexity  of  crediting  structures,  Galvin 
says.  For  a  company  with  750  salespeople,  he  estimates 
the  cost  of  software  licenses,  implementation,  training 
and  a  year  of  software  maintenance  fees  could  total 
$1.2  million. 

Offsetting  the  implementation  costs  are  savings 
achieved  by  reducing  accounting  errors.  Commission 
overpayments  in  manual  systems  range  from  3%  to 
8%  of  total  incentive  payments,  according  to  Gartner. 
The  money  saved  by  reducing  overpayment  errors 
alone  might  be  enough  to  recoup  the  investment  in 
incentive  compensation  software  in  just  12  months, 
Galvin  says. 

Not  only  can  packaged  systems  yield  greater  accuracy 
than  homegrown,  spreadsheet-based  systems,  they  also 
can  improve  payment  timeliness. That’s  a  competitive 
advantage,  Galvin  says.“lf  you  can  pay  dealers  more 
quickly,  and  if  you  can  pay  them  accurately, you  will 
have  a  competitive  advantage  and  they’re  more  likely  to 
sell  your  product,”  he  says.  ■ 


By  using  compensation 
management  software. 
Bob  Pacek,  CIO  of 
DirecTV,  says  he  has 
eliminated  complex, 
costly  legacy  systems. 
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Digex  to  leverage  link  to  WorldCom 

New  business  continuity  services  rely  on  embattled  majority  owner’s  high-speed  network. 


Buying  business  continuity 

Digex  is  linking  its  data  centers  with  WorldCom’s  high-speed  network 
and  giving  customers  a  range  of  business  continuity  offerings. 


Rapid  recovery 

If  a  server  fails,  Digex  will  rebuild  a  secondary  server  while 
restoring  client’s  production  site. 

Corporate  presence 

If  the  primary  site  is  unavailable,  Digex  will  redirect  traffic 
to  an  alternate  site. 

Dynamic  failover 

Digex  manages  an  active  failover  database  that  will 
continue  transaction  processing  if  the  primary  server  fails. 

Standby  site 

Digex  manages  an  Oracle  standby  site  in  a  different 
geographic  location  that  can  pick  up  transaction  processing 
in  the  event  of  a  production  failure. 

Active  standby  site 

Customer’s  production  site  is  split  between  multiple  Digex 
data  centers. 

Development/ 
recovery  site  bundle 

Digex  will  host  a  customer's  development  site,  which  also 
can  be  used  as  a  disaster-recovery  site. 

■  BY  JENNIFER  MEARS 

LAUREL,  MD.  —  Managed  hosting 
provider  Digex  is  making  a  real  push  to 
capitalize  on  its  WorldCom  relationship, 
linking  its  data  centers  with  WorldCom’s 


■  AT&T  is  stepping  up  its  wireless 
data  offerings  by  rolling  out  services 
designed  to  give  users  access  to  cor¬ 
porate  resources  such  as  e-mail  and 
Web-enabled  applications  from  a 
range  of  wireless  devices.  AT&T  last 
week  announced  the  services  that 
employ  the  company's  next-genera¬ 
tion  GSM/General  Packet  Radio 
Service  network.  The  offerings  include 
Office  Online,  which  gives  users 
access  to  e-mail,  calendar  and  con¬ 
tacts  from  a  variety  of  devices;  the 
BlackBerry  Service,  which  enables 
the  BlackBerry  5810  Wireless  Hand¬ 
held  to  support  instant  messaging,  e- 
mail  and  phone  calls;  and  Mobile 
connection  —  Enterprise 
Edition,  which  gives  wireless  users 
access  to  corporate  applications. 

■  Verizon  last  week  won  approval 
from  the  Federal  Communications 
Commission  to  begin  offering  long¬ 
distance  service  in  New  Jersey. 

With  New  Jersey,  Verizon  now  can 
offer  long-distance  services  in  eight 
of  its  local  states.  More  importantly, 
the  New  Jersey  win  will  let  Verizon 
offer  long-distance  services  to  the 
many  large  businesses  with  locations 
in  both  New  York  and  New  Jersey. 

■  More  than  10  million  users 

have  access  to  3G  wireless  networks, 
and  that  base  will  increase  by  more 
than  1  million  every  month,  according 
to  research  from  the  CDMA  Devel¬ 
opment  Group  presented  at  the  3G 
World  Congress  last  week.  Com¬ 
mercial  3G  networks  are  available  in 
Korea,  Japan,  Europe,  North  America 
and  Latin  America. 


high-speed  network  and  introducing  busi¬ 
ness  continuity  services  designed  to  keep 
critical  applications  up  and  available. 

The  news  comes  amid  WorldCom  s  wors¬ 
ening  financial  scandal  and  about  a  year 
after  WorldCom  purchased  a  majority  stake 
in  Digex.  The  Digex  board  also  recently 
ousted  CEO  Mark  Shull  and  replaced  him 
with  George  Kerns,  former  senior  vice  pres¬ 
ident  of  operations. 

Analysts  say  the  CEO  move  is  a  good  one 
because  while  Shull  kept  Digex  on  an  even 
keel,  the  company  needed  someone  to 
capitalize  on  the  year-old  relationship  with 
WorldCom  and  expand  the  company’s 
capabilities  while  reining  in  costs. 

“I  think  the  change  at  the  top  indicates 
what  Digex’s  priorities  are  going  forward,” 
says  Melanie  Fbsey  an  analyst  with  1DC. 
“What  they’re  going  to  do  is  basically  work 
on  what  they  can  change  right  now,  which 
is  their  own  cost  structure,  since  they  really 
can’t  do  much  about  the  state  of  the  econ¬ 
omy  or  making  businesses  buy  [services] .” 

While  Kerns  acknowledges  that  the 
economy  is  tough  and  cost  savings  are  a 
priority  —  more  staff  cuts  are  possible  — 
he  stresses  that  Digex  will  not  wait  for  the 
economy  to  improve.The  company  is  part- 


■  BY  MICHAEL  MARTIN 

Verizon  is  launching  an  IP  Centrex  ser¬ 
vice  in  Chicago  this  week  targeted  at  small 
businesses  and  branch  offices  seeking  an 
alternative  to  PBX  or  Centrex  offerings 
from  other  providers. 

The  service,  called  Verizon  Voice  over 
Broadband,  lets  users  manage  local,  long¬ 
distance,  fax,  conferencing  and  e-mail  ser- 
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nering  with  systems  integrators  such  as 
KPMG  Consulting,  Deloitte  &  Touche  and 
Accenture  to  provide  the  managed  infra¬ 
structure  for  enterprise  application  deploy- 


vices  through  a  Web  portal.  The  name  of 
the  service  is  a  bit  misleading  because  it  re¬ 
lies  mostly  on  T-l  connections,  rather  than 
DSL  or  cable. 

Voice  over  Broadband’s  biggest  competi¬ 
tors  in  the  Chicago  market  will  be  SBC  Cen¬ 
trex  services  and  resellers  offering  PBXs, 
says  Dave  Sherman,  senior  marketing  man¬ 
ager  with  Verizon.  The  company  plans  to 
expand  the  service  to  other  markets. 

IP  Centrex  has  advantages  over  trad¬ 
itional  Centrex  and  PBXs,  says  Teresa  Mas- 
trangelo.a  senior  analyst  with  telecom  con¬ 
sultancy  RHK.  Unlike  traditional  Centrex 
services,  users  can  get  unified  messaging 
features  that  are  easily  controlled  through 
a  Web-based  portal, she  says. 

See  Verizon,  page  22 


ments,  opening  its  data  centers  to  a  wider 
variety  of  hardware  and  software  systems, 
along  with  focusing  on  providing  man¬ 
aged  services,  rather  than  isolated  hosting 
“products.” 

Digex  has  grouped  its  services  into  three 
sets:  E-Enablement,  for  midmarket  compa¬ 
nies  looking  for  basic  support  services; 
Commerce,  for  companies  looking  for 
transaction-oriented  capabilities;  and  En¬ 
terprise  IT,  a  shift  for  Digex  as  it  moves  into 
supporting  critical  enterprise  applications. 

“We  have  traditionally  viewed  the  world 
from  a  product  standpoint,”  Kerns  says.“We 
basically  have  taken  different  technologies 
that  we  believed  were  very  important  for 
doing  hosting  on  the  Internet,  put  some 
core  processes  around  those,  provided  24- 
7  high-level  support  and  developed  what  I 
would  call  a  pretty  robust  product  catalog.” 

The  shift  that  customers  will  see,  he  says, 
is  that  Digex  now  will  focus  more  on  pro¬ 
viding  services  that  address  specific  needs. 

For  example,  the  business  continuity  ser¬ 
vices,  called  SmartContinuity,  include  a 
menu  of  seven  disaster-recovery  services 
that  are  designed  to  meet  specific  business 
needs,  from  the  very  simple  to  the  very 
complex. The  services  range  from  running 
a  static  Web  server  that  will  handle  traffic  if 
the  primary  site  goes  down,  to  mirroring 
the  primary  site  in  a  different  geographic 

See  Digex,  page  22 


Verizon  branches  out 
with  IP  Centrex  offer 

Targeting  Chicago  will  help  fulfill  competition  requirements. 
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EYE  OH  THE 
CARRIERS 

Johna  Till 
Johnson 


In  my  last  column,  I  discussed  the  dif¬ 
ference  between  bandwidth  providers 
and  service  providers:  Bandwidth  pro¬ 
viders  sell  you  circuits;  service  providers 
are  in  the  business  of  meeting  your  needs 
for  connectivity. 

What’s  the  difference?  Providing  effec¬ 
tive  connectivity  means  offering  a  mean¬ 
ingful  service-level  agreement  (SLA)  — 
and  actually  living  up  to  it.  It  means 
demonstrating  an  in-depth  understanding 
of  application  performance  and  security 
requirements.and  the  need  to  deliver  new 
services  quickly.Finally.it  means  providing 
timely  responses  to  your  requests  for  infor¬ 
mation  or  service. 

Doesn’t  sound  much  like  your  typical 


Service  providers  vs.  bandwidth  providers 


phone  company,  right?  And  that’s  the  point. 
Most  telephone  companies  genuinely  be¬ 
lieve  their  obligations  to  you  begin  and 
end  when  the  circuit  is  terminated.  And 
while  they’ve  spent  untold  billions  on  in¬ 
credibly  sophisticated  operations  support 
systems  (OSS),  they  still  don't  get  the  fact 
that  these  support  systems  —  not  the 
bandwidth  they  manage  —  is  the  most 
valuable  part  of  what  they  offer. 

That  said,  some  carriers  —  Infonet  and 
Equant,  for  starters  —  actually  understand 
the  difference  between  service  and  band¬ 
width. These  companies  set  the  gold  stan¬ 
dard  for  SLAs  in  the  mid-’90s,  eventually 
forcing  the  larger  telcos  (AT&T;  post,  tele¬ 
graph  and  telephone  administrations;  MCI 
WorldCom;  and  Sprint)  to  follow  suit  and 
include  SLAs  in  their  data  contracts.Today, 
they're  pioneering  the  concepts  of  appli¬ 
cation-level  connectivity  and  VPNs,  ser¬ 
vices  that  don’t  require  customers  to  pur¬ 
chase  bandwidth. 

After  these  folks,  who  else  “gets  it”  to 
some  degree?  I’ve  worked  with  individu¬ 


als  at  AT&T,  Colt  Telecom  Sprint  and  Ver¬ 
izon  who  understand  the  difference  be¬ 
tween  providing  service  and  providing 
bandwidth.  And  my  co-panelist  last 
month  at  SuperComm,  Daniel  Davied, 
executive  director  of  corporate  prioritiza¬ 
tion  management  at  SBC  Communica¬ 
tions,  provided  a  clear  indication  that 
SBC  also  gets  it. 

That  said.  I’m  sure  many  of  you  have 
horror  stories  about  the  cluelessness  of 
the  providers  listed  above  —  and  that’s 
the  point.  It  takes  a  lot  for  a  traditional 
telco  to  make  the  cultural,  financial  and 
operational  shift  from  selling  bandwidth 
to  selling  services  —  and  the  folks  I’ve 
listed  above  are  definitely  not  there  yet 
(though  they’re  trying). 

Who’s  left?  Besides  the  carriers  currently 
in  Chapter  1 1  (Global  Crossing,  XO 
Communications  and  the  like),  the  major 
U.S.  players  are  Qwest  and  WorldCom. 
These  providers  must  make  tough  deci¬ 
sions  about  whether  they’re  in  the  band¬ 
width  or  service  businesses  —  and  they 


need  to  do  it  soon. 

I  have  particular  concerns  about  World¬ 
Com  (aside  from  the  company’s  financial 
woes)  although  I  admire  and  respect  CEO 
John  Sidgmore.  Here’s  the  problem:  Several 
years  ago,  when  AT&T  experienced  an  un¬ 
precedented  outage  of  its  frame  relay  net¬ 
work,  CEO  C.  Michael  Armstrong  took  full 
responsibility  for  the  failure  and  personally 
apologized  to  AT&T  customers.  When 
WorldCom  (then  MCI)  had  a  similar  out¬ 
age,  the  company  denied  that  it  happened, 
lied  about  the  impact  and  refused  to  speak 
with  customers.  That’s  the  embedded  cor¬ 
porate  culture  Sidgmore  has  to  turn 
around  to  transform  his  company  into  a 
service  provider.  I’m  sure  the  many  World¬ 
Com  customers  out  there  join  me  in  wish¬ 
ing  him  the  best  of  luck. 

Johnson  is  senior  vice  president  and  CTO 
for  Greenwich  Technology  Partners,  a  net¬ 
work  consulting  and  engineering  firm. 
She  can  be  reached  at  johna@green 
wichtech.com. 
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The  advantage  over  a  PBX  is  that 
there’s  no  large  up-front  cost. 

On  the  negative  side,  IP  Centrex 
doesn’t  give  users  as  much  control 
over  calling  features  as  owning 
their  own  PBX,  Mastrangelo  says. 

While  the  Voice  over  Broad¬ 
band  service  will  be  branded 
and  sold  by  Verizon,  the  infra¬ 
structure  is  provided  by  Go- 
Beam,  an  IP  Centrex  provider  in 
Sunnyvale,  Calif.  GoBeam  has 
about  10,000  direct  business  cus¬ 
tomers  in  California.  GoBeam 
also  wholesales  its  services  to 
other  providers,  although  Verizon 
is  the  first  regional  Bell  operating 
company  that  it  has  signed. 

GoBeam  has  established  a 
point  of  presence  in  the  Chicago 
area  with  redundant  routers, 
conference  servers  and  media 
gateways. 


Customers  who  subscribe  to  the 
service  will  need  to  have  a  router 
and  IP  telephones  installed.  Ver¬ 
izon  has  set  up  a  network  of 
value-added  resellers  that  will 
handle  the  installations. 

The  Voice  over  Broadband  ser¬ 
vice  is  targeted  at  locations  that 
have  between  20  and  200  work¬ 
ers.  Like  other  Centrex  offerings, 
the  service  is  ideal  for  companies 
that  have  multiple  locations  in  the 
area,  Sherman  says,  because  it  lets 
workers  in  separate  offices  com¬ 
municate  with  one  another  as  if 
they  were  in  the  same  office. 

Verizon  chose  the  Chicago  mar¬ 
ket  for  the  service  to  help  the 
company  meet  a  competition 
commitment  it  made  to  the  Ill¬ 
inois  Public  Utilities  Commission 
when  GTE  and  Bell  Atlantic 
merged  to  form  Verizon. 

Verizon  isn’t  the  first  RBOC  to 
introduce  an  IP  Centrex  service. 
Earlier  this  year, SBC  said  it  would 


Converging 

communications 

Features  of  Verizon’s  Voice 
over  Broadband  service 
include: 

•  Find  me/follow  me  —  lets 
users  direct  calls  to  any 
phone,  pager  or  e-mail 
address. 

•  Demand  conferencing  —  lets 
users  quickly  set  up  calls 
with  two  to  10  participants. 

•  Simple  administration  — 
phone  changes  can  be  made 
from  any  PC  with  an  Internet 
connection, 

launch  an  IP  Centrex  offering  this 
fall.  However,  SBC’s  service  will 
continue  to  use  traditional  Class 
5  switches,  while  the  Verizon/ 
GoBeam  service  relies  on 
softswitches.  ■ 


Digex 

continued  from  page  21 
location. 

"Digex  has  done  a  great  job 
finding  out  what  the  market 
needs  and  bringing  a  solution 
that  consists  of  those  needs  in 
multiple  categories,”  says  Andy 
Schroepfer,  president  of  Tier  1 
Research. 

The  services  stand  out  in  the 
market  because  they  combine 
Digex’s  hosting  expertise  wdth 
WoridCom’s  network  capabilities. 
Schroepfer  says  its  the  WorldCom 
network  that  enables  these  ser¬ 
vices  by  providing  the  infrastruc¬ 


ture  for  transaction  load  balanc¬ 
ing  and  database  synchronization 
at  high  speeds. 

Other  telecom  companies  that 
provide  hosting  could  offer  simi¬ 
lar  services,  but  “Digex  is  the  first 
to  put  a  great  wrapper  around  this 
whole  thing  to  help  enterprises 
figure  out  what  it  is  they  can  look 
at  as  far  as  options,  instead  of  just 
saying,  ‘You  need  to  do  disaster 
recovery!” Schroepfer  says. 

Steve  Keifer,  senior  manager  of 
product  development  and  strate¬ 
gy  at  Digex,  says  the  company  is 
offering  businesses  a  more  eco¬ 
nomical  solution  by  providing 
dedicated  circuits  at  a  reasonable 


price,  as  well  as  hosting  expertise 
to  manage  databases  and  appli¬ 
cations.  Pricing  was  not  disclosed. 

Businesses  can  expect  to  see 
Digex  continue  to  use  the  World¬ 
Com  network  to  roll  out  new  ser¬ 
vices,  Kerns  says.  Companies 
looking  to  consolidate  server 
deployments  will  have  an  easier 
time  moving  into  Digex  facilities 
because  the  company  will  sup¬ 
port  HP-UX  and  IBM  A1X  operat¬ 
ing  systems,  and  a  growing  list  of 
hardware  deployments.  Digex  will 
continue  to  support  Compaq  and 
Sun  hardware,  and  Microsoft  and 
Sun  software.  Digex  added  sup¬ 
port  for  Linux  earlier  this  year.  ■ 


Carriers  unite 
to  keep  KPNQwest 
network  alive 


■  BY  JORIS  EVERS 

Several  telecom  companies 
provided  funds  last  week  to  keep 
a  key  part  of  bankrupt  KPN¬ 
Qwest’s  network  running  until  at 
least  today. 

The  carriers,  which  are  all  users 
of  KPNQwest’s  18-country  fiber¬ 
optic  network,  have  set  up  a 
foundation  to  support  their 
efforts  called  Customer  Support 
KPNQwest.  The  foundation  has 
been  approved  by  KPNQwest’s 
liquidators,  and  sufficient  funds 
have  been  pledged  to  maintain  a 
key  part  of  the  network  in  north¬ 
west  Europe. 

Keeping  the  network  up  gives 
customers  more  time  to  find  an 
alternative  service  provider.  It 
also  should  provide  KPNQwest’s 
liquidators  with  a  chance  to  sell 
a  business  that  is  still  operational, 
maximizing  proceeds  for  banks 
that  provided  loans  to  the  com¬ 
pany  and  other  creditors. 

The  Amsterdam  Internet  Ex¬ 
change  (AMS-IX),a  major  hub  of 
Internet  connections  in  the 
Netherlands  and  one  of  the  com¬ 
panies  that  provides  network  ser¬ 
vices  to  KPNQwest,  confirmed 
that  the  foundation  is  paying 
KPNQwest’s  bills  to  help  keep  its 
network  operational. 


On  June  21,  the  liquidators, 
after  losing  a  court  case  against 
the  lending  banks,  told  staff 
at  KPNQwest,  in  Hoofddorp, 
Netherlands,  to  stop  working  and 
said  the  network  would  be  shut 
down. The  funding  by  the  group 
of  telecom  companies  seems  to 
have  prevented  that  closure. 

KPNQwest  went  bankrupt  in 
late  May  after  a  plan  to  sell  cer¬ 
tain  assets  to  meet  urgent  finan¬ 
cial  obligations  failed.  The  com¬ 
pany,  founded  in  November  1998 
by  KPN  and  U.S.-based  Qwest 
Communications  International, 
invested  heavily  in  its  network 
and  won  large  customers  includ¬ 
ing  Microsoft  and  Dell. 

The  once-$40  billion  company 
went  into  a  financial  tailspin 
when  demand  failed  to  meet  its 
expectations  and  its  founders 
and  banks  withdrew  support. 

Evers  is  a  correspondent  with 
the  IDG  News  Service’s  Amster¬ 
dam  bureau. 
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Cisco  VPN  service  makes  move  to  nets 


Learning  to  Share 

Enhancements  to  Cisco’s  IOS  software  enable  VPN  services,  such  as  IP 
address  management  and  multicasting,  to  be  moved  from  the  corporate 
site  into  the  service  provider  network,  where  they  can  be  shared  among 
corporate  users. 

IP  address 
server 


■  BY  JIM  DUFFY 

SAN  JOSE  —  Cisco  last  week  announced 
enhancements  to  its  routing  software  de¬ 
signed  to  let  service  providers  reap  more 
revenue  from  theirVPN  services. 

Called  Managed  Shared  Services,  the 
upgrades  are  intended  to  let  IP  VPN  ser¬ 
vices  move  into  the  service  provider  net¬ 
work,  where  they  can  be  shared, as  opposed 
to  replicating  the  services  at  each  corporate 
customers  VPN.  Cisco  says  the  result  will  be 
increased  network  efficiency,  reduced  traf¬ 
fic  loads  and  simplified  management  for 
service  providers  through  assumption  of 
customers’ VPN  operations  and  new  offer- 


■  Juniper  Networks  recently 
announced  that  its  G10  Cable  Mo¬ 
dem  Termination  System  has  re 

ceived  qualification  from  CableLabs 
for  Data  Over  Cable  Service  Inter¬ 
face  Specification  1.1.  Juniper  ob¬ 
tained  the  G10  CMTS  from  its  Nov¬ 
ember  2001  acquisition  of  Pacific 
Broadband  Communications. 
Juniper  says  the  G10  CMTS  was  the 
first  CMTS  to  receive  DOCSIS  1.0  in 
July  2001  and  Euro-DOCSIS  qualifica¬ 
tion  running  custom  Broadband 
Cable  Processor  silicon.  The  G10 
CMTS  is  distributed  in  North  Amer¬ 
ica  by  Scientific-Atlanta. 

■  Lucent  recently  announced 
commercial  availability  of  3G  Code 
Division  Multiple  Access  2000 
IxEV-DO  mobile  wireless  equip¬ 
ment.  This  base  station  and  core  net¬ 
work  hardware  and  software  are 
designed  to  let  wireless  network  oper¬ 
ators  provide  mobile  data  services  at 
speeds  of  up  to  2.4M  bit/sec.  The 
equipment  is  designed  to  initially  sup¬ 
port  mobile  service  providers  em¬ 
ploying  1900  MHz  or  PCS  spectrum. 
Verizon  Wireless  is  conducting  tri¬ 
als  of  Lucent's  IxEV-DO  systems  in 
the  Washington,  D.C.,  area.  IxEV-DO 
is  a  data-optimized  evolution  of 
CDMA2000  IX  technology  now  used 
in  Verizon  Wireless'  national  network. 


ings  beyond  providing  connectivity 

Cisco’s  ability  to  help  service  providers 
create  value-added  services  was  a  theme  of 
CEO  John  Chambers’  keynote  last  month  at 
SuperComm. 

Bell  Canada  was  listening.  The  carrier 
offers  managed  IP  VPN  services  using  Cisco 
equipment,  says  Ashu  Avasthi,  portfolio 
manager  for  Bell  Canada’s  IP  broadband 
solutions.  Now  in  its  2003  service  planning 
cycle,  the  carrier  will  examine  Cisco’s 
Managed  Shared  Services  to  see  if  there’s  a 
fit,  he  says. 

Managed  Shared  Services  support  Multi¬ 
protocol  Label  Switching  (MPLS)-based 
VPNs  and  include  multicast,  network  ad¬ 
dress  translation  (NAT),  On  Demand  Ad¬ 
dress  Pools  (ODAP)  and  VPN  Select.  These 
services,  once  housed  inside  the  corporate 
network,  now  can  migrate  into  the  service 
provider’s  network  for  new  outsourcing  rev¬ 
enue  potential. 

By  reducing  packet  replication  in  the 
MPLS  network,  multicast  VPNs  are  de¬ 
signed  to  minimize  configuration  time  and 
complexity,  increase  network  scalability 
and  provide  the  ability  to  build  services 
such  as  virtual  multicast  networks. 

The  NAT  enhancements  extend  address 
translation  for  private  IP  addressing  to  the 
service  provider  network,  allowing  access 
to  shared  services  from  any  VPN  without 
losing  the  VPN  association  or  compromis¬ 
ing  connectivity  Cisco  says.  ODAP  auto¬ 
mates  the  expansion  of  IP  address  pools 
contained  in  Dynamic  Host  Configuration 
Protocol  servers,  letting  service  providers 


■  BY  JIM  DUFFY 

SAN  JOSE  —  Spending  on  metropolitan- 
area  network  products  and  services  in 
North  America  will  increase  more  than 
fivefold  during  the  next  four  years  to  re¬ 
place  aging  copper  infrastructure  and  its 
low-speed  links,  a  research  firm  predicts. 

Metropolitan  product  and  service  ex¬ 
penditures  in  the  U.S.  and  Canada  will 
grow  from  $420  million  this  year  to  $2.7 
billion  in  2006, according  to  Infonetics  Re¬ 
search.  Product  expenditures  will  more 
than  triple  during  that  period,  from  $105 
million  to  $392  million,  while  spending  on 
services  will  balloon  sevenfold,  from  $315 
million  to  $2.4  billion,  the  firm  said  in  a 
recent  report. 


more  easily  manage  IP  address  spaces 
across  multiple  VPNs  through  a  shared,  net¬ 
work-based  DHCP  server,  Cisco  says. 

VPN  Select  is  designed  to  support  broad¬ 
band  access  to  the  MPLS  VPN  network.  VPN 
Select  lets  remote  users  with  high-speed 
links  connect  to  corporate  VPNs  irrespec¬ 
tive  of  their  access  providers,  Cisco  says. 

VPN  Select  works  much  like  route-control 
products,  which  try  to  steer  traffic  to  the 
least-congested  or  least-costly  route  in  a 
multihomed  network.  But  instead  of  snoop¬ 
ing  or  monitoring  link  performance  like 
route  control  products,  the  service  directs 
traffic  from  remote  broadband  users  to  a 


Infonetics’  data  is  based  on  responses 
from  officials  at  80  organizations  who  plan 
to  connect  their  sites  with  new  metropoli¬ 
tan  access  services  by  January  2004.  Re¬ 
spondents  are  from  organizations  with  an 
average  workforce  of  8,200  and  are  re¬ 
sponsible  for  product  and  service  pur¬ 
chases,  Infonetics  says. 

The  primary  drivers  for  new  product  and 
services  purchases  are  network  availabil¬ 
ity,  performance,  reliability  and  uptime. 
Businesses  now  use  copper-based  circuit- 
switched  last-mile  connections,  which 
provide  low  speeds  relative  to  the  speeds 
of  service  provider  backbones  and  corpo¬ 
rate  LANs. 

Most  businesses  connect  from  the  LAN 


particular  ISP’s  VPN  based  on  the  user’s  IP 
address  and  VPN  association. 

Analysts  say  Managed  Shared  Services  is 
a  good  tactical  first  step,  but  that  Cisco 
needs  to  provide  a  broader  service  strategy. 

“I  didn’t  get  their  vision  of  future  services 
carriers  will  be  developing,"  says  Todd  Han¬ 
son,  an  analyst  at  Gartner.  If  I’m  on  the 
fence,  what  is  going  to  lead  me  to  be  a 
Cisco  champion  based  on  this  announce¬ 
ment  and  show  me  the  technology  to  sup¬ 
port  the  business  case?” 

All  the  Managed  Shared  Services  en¬ 
hancements  will  be  available  in  Cisco  IOS 
later  this  year.  ■ 


to  the  WAN  or  the  Internet  using  dial-up, 
DSL  orT-1  connections. 

But  VPNs,  storage-area  networks  and 
other  applications  that  extend  LANs  are 
driving  bandwidth  requirements,  and  up¬ 
start  and  incumbent  carriers  are  market¬ 
ing  LAN  extension  aggressively  because 
the  majority  of  WAN  and  Internet  data 
communications  begin  and  end  as  Ether¬ 
net  frames,  Infonetics  says.  As  a  result,  the 
most  new  metropolitan  access  connec¬ 
tions  among  the  respondents  to  the  Info¬ 
netics  survey  are  Ethernet. 

Barriers  to  new  product  and  service  pur¬ 
chases  are  service  availability,  technology 
compatibility  and  the  financial  stability  of 
the  service  provider,  Infonetics  says.  ■ 


Metro  spending  to  increase  sixfold 
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SAML  promises  Web  services  security 


■  BY  JAMES  KOBIELUS 

Security  Assertion  Markup  Language  1.0 
is  a  new  proposed  standard  for  interoper¬ 
ability  among  Web  services  security  prod¬ 
ucts.  As  corporations  increasingly  deploy 
access  management  solutions  and  other 
security  products  in  Web  services  envi¬ 
ronments,  SAML  1.0  has  the  potential  to 
be  a  critical  interoperability  standard  for 
securing  these  online  environments  from 
end  to  end,  both  within  organizations  and 
from  business  to  business. 

SAML  1.0,  nearing  ratification  by  the 
Organization  for  the  Advancement  of 
Structured  Information  Standards,  works 
with  XML  and  Simple  Object  Access  Pro¬ 
tocol  (SOAP). 

SAML  1.0  defines  SOAP-based  interac¬ 
tions  among  security  and  policy  do¬ 
mains,  supporting  Web  single  sign-on 
(SSO),  authentication  and  authorization. 
The  standard  defines  request  and  re¬ 
sponse  “assertion”  messages  that  security 
domains  exchange  to  vouch  for  authenti¬ 
cation  decisions,  authorization  decisions, 
and  attributes  that  pertain  to  named  us¬ 
ers  and  resources. 

SAML  1.0  also  defines  functional  enti- 


Got  great  ideas 


■  Hetwork  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you’ve 
got  one,  and  want  to  contribute  it  to  a 
future  issue,  contact  Features  Editor 
Neal  Weinberg  (nweinberg@nww.com). 


■  HOW  IT  WORKS 


SAML 

Security  Assertion  Markup  Language  is  a  proposed 
standard  that  would  provide  security  for  Web  services. 


Authentication  server 


O  End  user’s  browser  accesses 

authentication  server,  and  authentication 
server  asks  for  user  ID  and  password. 


©  End  user  requests  a  resource  from  destination/Web 
services  server.  Authentication  server  opens  a  session  with 
destination  server. 


©  End  user  enters  ID  and  password. 
Authentication  server  checks  with  LDAP 
directory  and  then  authenticates  end  user. 


©  Authentication  server  sends  uniform  resource  identifier 
(URI)  to  end  user.  End  user  browser  is  redirected  to  URI, 
which  connects  end  user  to  Web  service. 


ties  such  as  authentication  authorities, 
attribute  authorities,  policy  decision 
points  and  policy  enforcement  points. 

In  a  SAML-enabled  Web  SSO  scenario, 
users  log  on  to  their  home  or  “source” 
domains  through  authentication  tech¬ 
niques  such  as  ID/password.  The  source 
domain  communicates  this  authentica¬ 
tion  decision,  plus  other  information  that 
provides  a  security  context  for  that  deci¬ 
sion,  to  one  or  more  affiliated  or  federat¬ 
ed  destination  domains  through  mes¬ 
sages  that  contain  SAML  “authentication 
assertions”  and  “attribute  assertions.” 

The  SAML  scenario 

In  the  most  basic  SAML  1.0  interoperabil¬ 
ity  scenario  supporting  Web  SSO,  the 
browser/artifact  profile,  a  user  interacts 
with  SAML-enabled  Web  sites  as  follows: 


•  User’s  browser  accesses  source  site 
(which  functions  as  a  SAML  authentica¬ 
tion  authority),  usually  via  HTTP/Secure 
Sockets  Layer  (SSL). 

•  Source  site  challenges  browser  for 
user  ID  and  password. 

•  Browser  responds  to  challenge  by 
entering  user  ID  and  password. 

•  Source  site  authenticates  browser 
through  call  to  external  authenticating 
server,  such  as  a  Lightweight  Directory 
Access  Protocol  directory. 

•  Browser  requests,  via  clicking  on  a 
universal  resource  indicator  (URI)  posted 
on  source  site,  a  particular  resource  resid¬ 
ing  on  destination  server,  thereby  redi¬ 
recting  to  the  source  site’s  “intersite  trans¬ 
fer  service”  URL. 

•  Source  site  holds  session  and  pro¬ 
duces  a  short-lived  SAML  authentication 


to  assert  that  an  event  has  taken  place 
(subject  to  conditions  on  the  authentica¬ 
tion  assertion,  along  with  policies  defined 
by  the  requested  destination  server  and 
resource). 

•  Source  site  holds  assertion  message 
locally  in  cache. 

•  Source  site  returns  to  browser,  via  SSL, 
a  URI  that  includes  an  appended  SAML 
“artifact”  (an  eight-byte  Base64  string) 
that  points  to  the  authentication  assertion 
and  redirects  the  browser  to  the  request¬ 
ed  destination  site  and  resource. 

•  Destination  site  uses  the  SAML  artifact 
to  query/retrieve  the  referenced  authenti¬ 
cation  assertion  from  the  source  site 
(usually  over  SSL  sessions). 

•  Destination  site  holds  session,  parses/ 
verifies  authentication  assertion  message 
(and  validates  optional  XML  Signature 
on  message,  if  this  technique  has  been 
used),  and  grants  browser  access  to 
requested  resources. 

While  it  continues  to  gain  marketplace 
traction,  SAML  1.0  is  still  a  new  specifica¬ 
tion  whose  long-term  viability  remains 
unproven. The  true  test  of  SAML  1.0,  as  of 
any  standard,  will  be  in  how  well  the  mar¬ 
ket  accepts  the  proposed  standard  and 
enables  development  of  Web  services 
through  products  that  support  it.  Web 
security  solution  vendors  are  hard  at 
work  ironing  out  the  myriad  technical 
details  necessary  to  support  interoper¬ 
ability  among  their  diverse  SAML  1.0 
implementations. 

Kobielus  is  senior  analyst  at  The  Burton 
Group  and  a  Network  World  columnist.  He 
can  be  reached  at  jkobielus@burton 
group.com. 


Dr.  Internet 


By  Steve  Blass 


We  maintain  a  30-user,  Windows  NT-based  net¬ 
work  at  our  company.  On  some  of  our  Windows 
95  and  98  machines,  when  users  start  our  busi¬ 
ness  software,  the  dial-up  networking  dialog 
comes  up.  The  users  have  to  hit  cancel  many 
times  to  get  it  reset.  If  we  reformat  and  install 
the  LAN  network  interface  card  before  we 
install  the  modem,  the  annoying  behavior  does 
not  exist.  Is  there  a  way  to  edit  the  registry  so 
that  the  LAN  NIC  loads  before  the  modem?  This 


problem  has  been  plaguing  us  for  about 
two  years. 

In  September  2000  we  addressed  this  in  a  col¬ 
umn  on  Windows  95  (www.nwfusion.com, 
DocFinder:  1034).  Here's  the  relevant  excerpt: 
“Go  to  the  control  panel  window,  click  'Internet 
options’  and  choose  the  'connections'  tab  in 
the  dialog  box.  You'll  see  a  set  of  radio  buttons 
labeled  ‘never  dial  a  connection,’  'dial  whenever 


a  network  connection  is  not  present,'  and 
‘always  dial  my  default  connection.'  Choosing 
'never'  will  stop  the  automatic  dial-up 
completely." 

The  associated  registry  key  values  are 
EnableAutodial=0  and  NoNetAutoaial=0. 

Blass  is  a  network  architect  at  Change® 
Work  in  Houston.  He  can  be  reached  at 
dr.internet@changeatwork.com. 


When  software  quickly  eliminates  barriers  between  systems,  that’s  one  degree  of  separation.  While  you  may  have  one 
department  standardized  on  one  platform,  you’ll  often  have  another  department  on  a  different  platform.  And  since  getting  everybody  to 
switch  to  the  same  platform  could  cause  trouble,  it’s  your  job  to  make  everything  work  together.  That’s  where  Microsoft’  BizTalk*  Server  2002 
comes  in.  BizTalk  Server  2002  gives  you  a  library  of  over  300  adapters  for  popular  applications,  technologies,  and  implementations 


like  EDI  using  Internet  standards  like  XML  and  SOAP.  In  short,  it  lets  you  connect  all  your  internal  and  external  systems  quickly  and 
cost-efficiently,  and  nobody  gets  hurt.  That’s  one  degree  of  separation.  That’s  infrastructure  with  .NET.  Find  out  how  .NET  connected 
software  can  help  you  eliminate  the  barriers  between  your  systems.  Go  to  microsoft.com/enterprise  Software  for  the  Agile  Business. 


C  200 2  Microsoft  Corporation  *ll  n*hts  reserved  Microsoft.  Butalk.  and  Windows  are  either  registered  trademarks  or  trademarks  o»  Microsoft  Corporation  in  the  Untied  States  and/or  other  countries  The  name*  of  actual  companies  and  products  mentioned  herein  me,  he  the  trademark*  of  their  respective  owners. 
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Dollar  Rent  A  Car  used  BizTalk  Server  2002  to  create  a  new  XML-based  EDI  interface  in  weeks  rather  than 
months,  and  the  solution  in  turn  reduced  the  development  time  required  for  connecting  to  each  new  business 

partner  by  75  percent.  The  BizTalk  Server  implementation  also  helped  the 
company  to  significantly  reduce  transaction  costs  with  its  partners. 
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" Q :  Why  is  SNMP  like  golf?  A:  Usually  the 
fewer  polls  you  take  the  better  off  you  are, 
but  you  are  sometimes  lost  in  the  woods 
and  it  helps  to  have  a  good  set  of  tools  in 
the  bag  and  it  helps  to  have  good  instruc¬ 
tions  and  you  need  a  few  beers  after  a  bad 
round.” 

—  Anon. 


For  the  past  few  weeks  we  have  been 
enjoying  the  intricacies  of  syslog,  a  proto¬ 
col  used  to  send  status  messages  from 
one  device  to  another  over  an  IP-based 
network.  We  hadn’t  mentioned  yet  that  in 
many  syslog  clients  you  can  set  the 
address  for  where  to  send  syslog  mes¬ 
sages. 

So  if  you  want  more  than  one  syslog  col¬ 
lector  or  relay  to  receive  the  messages  you 
need  to  use  a  broadcast  address,  that  is, 
x.x.x.255  (see  our  first  piece  on  syslog  for 
terminology,  www.nwfusion.com,  Doc- 
Finder:  1035). 

But  before  you  make  great  plans  based 


Logging  messages  with  SNMP 


on  syslog  broadcasting,  be  sure  to  check 
that  the  client  can  broadcast  correctly 
and  that  the  syslog  collector  can  actually 
hear  broadcast  messages. 

Anyway,  as  we  said  in  that  first  syslog 
piece:  There  are  four  main  methods  for 
logging  system  or  process  status  messages 
—  syslog  messages.SNMP  traps, logging  to 
a  local  text  file  and  console  logging. We’ve 
covered  syslog  and  we  feel  that  there  is  lit¬ 
tle  to  be  said  on  text  file  and  console  log¬ 
ging  so  . . .  you  guessed  it,  we’re  going  to 
look  at  SNMP!  Oh,  the  joy 

The  first  version  of  SNMP  which  was 
based  on  a  previous  management  proto¬ 
col  called  Simple  Gateway  Monitoring 
Protocol,  was  defined  in  the  Internet 
Engineering  Task  Force  (IETF)  RFC  1067, 
published  in  1988.  After  several  updates, 
and  enhancements,  the  standard  ap¬ 
peared  in  its  final  form  in  RFC  1157  “A 
Simple  Network  Management  Protocol” 
dated  1990  (for  more  on  the  standard  see 
www.nwfusion.com,  DocFinder:  1036). 

The  basic  communication  architecture 
of  SNMP  is  straightforward;  there  are  three 
types  of  requests  and  one  unsolicited 
information  transmission. 

To  get  information  from  an  SNMP  de¬ 
vice,  a  “manager”  (SNMP  terminology  for  a 
client)  will  send  a  “GetRequest”  or  “Get 
NextRequest”  to  an  “agent”  (the  SNMP 


term  for  a  server)  and  the  requested  infor¬ 
mation  or  an  error  message  will  be  sent 
back  in  a  “Response.”  If  a  manager  wants 
to  modify  information  on  an  agent,  a 
“SetRequest”  will  be  sent  with  a  corre¬ 
sponding  response  to  confirm  or  report 
an  error. 

The  unsolicited  message  form  is  called  a 
“trap.”This  kind  of  message  is  usually  sent 
by  agents  on  start-up,  on  status  change 
and  in  response  to  error  conditions. Traps 
are  not  only  unsolicited  but  they  are  also 
unreliable.  Like  syslog  messages  they  are 
sent  via  User  Datagram  Protocol  and 
whether  they  are  received  depends  on 
whether  they  make  it  to  the  destination 
(remember,  UDP  is  an  unreliable,  best- 
effort  service)  and  whether  the  manager 
is  listening. 

The  information  on  the  agent  is  stored 
in  what  is  called  a  Management  Infor¬ 
mation  Base  (MIB).This  is  a  hierarchical 
data  structure  (not,  as  it  is  often  mistak¬ 
enly  called,  a  database)  that  describes 
all  the  “objects”  that  a  device  can  report 
the  status  of  and,  in  some  cases,  set  the 
value  of. 

The  structure  of  the  MIB  is  laid  out  in  an 
SNMP-related  standard,  RFC  1155  (see 
www.nwfusion.com,  DocFinder:  1037,  for 
more  information),  “Structure  and  Iden¬ 
tification  of  Management  Information  for 


TCP/IP-based  Internets,”  which  defines 
how  MIB  information  is  organized  and 
what  data  types  are  allowed  and  how 
resources  within  the  MIB  are  represented 
and  named. 

The  formal  model  for  defining  objects 
and  tables  of  objects  in  the  MIB  is  the 
Abstract  Syntax  Notation  One  (ASN.l) 
OBJECT  TYPE  macro. 

That’s  the  overall  architecture.  Following 
the  standardization  of  SNMP  Version  1, 
there  were  all  sorts  of  proposals  for 
improving  the  protocol.  In  1992,  develop¬ 
ment  of  SNMP  Version  2  began,  and  in 
1993,  it  became  a  proposed  standard. 

Of  course,  more  was  required  of  SNMP 
than  Version  2  offered,  so  work  began  on 
Version  3  and  the  IETF  Steering  Group 
approved  Version  3  as  a  draft  standard  in 
1998  and  as  a  full  standard  on  April  8, 
2002. Versions  1  and  2  were  moved  to  his¬ 
toric  status.  Of  course,  it  will  take  a  while 
for  Version  3  to  become  ubiquitous,  so 
you’ll  see  lots  of  both  previous  versions 
out  there. 

Next  week  we’ll  delve  into  SNMP  mes¬ 
sage  structure  and  MIBs  and  the  week 
after,  a  tool  that  handles  SNMP  traps  and 
syslog  messages  with  elan  and  aplomb. 

Open  your  trap  to  gearhead@gibbs. 

com. 


Cool  Tog 

Quick  takes 
on  high  tech  toys 

By  Keith  Shaw 


Nokia’s  latest  entry  in  the  world  of  converged  devices 
(cell  phones  with  PDA-like  functions)  arrived  on  my 
desk  recently.  The  Nokia  9290  Communicator  has 
started  shipping  in  the  U.S., although  a  similar  model,  the 
9210,  has  been  in  Europe  for  a  while.  Nokia  sells  the  9290 
for  about  $600  through  its  Web  site,  with  service  plan  acti¬ 
vation  in  the  U.S.  through  VoiceStream. 

At  first  glance,  the  9290  Communicator  looks  like  a 
throwback  to  the  olden  days  of  cell  phones  that  looked 
(and  felt)  like  a  brick.  In  fact, on  the  surface  the  9290  looks 
like  a  standard  Nokia  cell  phone  with  a  lot  of  empty  space 
at  the  bottom.The  top  right  edge  is  slightly  angled.causing 
one  co-worker  to  comment  that  it  looked  like  Gumby 
The  reason  why  the  phone  looks  larger  than  it  needs  to 
be  is  the  convergent  part.  In  a  neat  little  trick,  the  phone 
opens  up  like  a  clam  shell  to  reveal  the  PDA/handheld 
computer.  It’s  this  part  that  will  make  your  colleagues  go 
“ooh”and  “ahh.” 

With  a  look  similar  to  Hewlett-Packard’s  old  Jornada 
handheld  computer,  the  top  half  of  the  9290  clam  shell 
holds  the  color  display.  The  bottom  half  holds  a  full 
QWERTY  keyboard  and  other  buttons  to  access  applica¬ 
tions  and  for  navigation. 

The  phone  part  runs  on  the  GSM  circuit-switched  net¬ 
work.  Anyone  familiar  with  Nokia  phones  will  recognize 
the  menu/keypad  operations.  An  odd  feature  is  that  to  use 
the  phone  without  the  included  headset  (that  is,  holding 
it  to  your  ear), you  have  to  turn  the  phone’s  display  away 


Hands-on  test  of  Nokia’s  9290 


from  you.  Walking  through  an  airport  talking  to  the  back 
of  the  phone  might  get  you  some  funny  looks. 

On  the  PDA  side,  the  9290  integrates  with  personal  infor¬ 
mation  manager  software  such  as  Outlook  and  Lotus 
Notes  (calendar,  contacts,  etc.).  It  also  has  a  telephone 
directory  e-mail  capabilities  (and  Short  Message 
Service),  Internet  surfing  (including  Wireless 
Application  Protocol  and  normal  HTML-type 
browsing),  and  extras  such  as  a  calculator, 
alarm  clock,  image  viewer  and  voice  recorder 
(which  can  play  MP3  files  after  you  convert 
them  to  WAV  files  via  the  included  convert¬ 
er  application).  The  Office  button  gives 
access  to  Word,  Excel  and  PowerPoint 
documents,  letting  you  create,  view  and 
edit  these  types  of  files  (except  Power¬ 
Point,  which  is  “view  only”). For  expan¬ 
sion,  the  9290  Communicator  has  a 
SecureDigital/MultiMedia  Card 
slot.  This  can  be  used  to 
store  extra  documents  or 
applications. 

All  these  applica¬ 
tions  loaded  onto  the 
9290  gave  me  the  feeling 
that  I  could  leave  the  lap¬ 
top  at  home  when  going 
on  the  road.  While  the 
keypad  was  not  as  great 
as  a  laptop’s,  it  wasn’t 
awful  either.  Being  able  to 
view  and  edit  Word  and  Excel 
files  is  a  very  cool  feature. 

A  big  downside  to  the  device  is  its  reliance 


on  the  GSM  network  for  data  transfer.  Because  of  its  cir¬ 
cuit-switched  nature,  the  GSM  network  is  painfully  slow 
for  e-mail  and  Internet  connectivity. This  is  even  more  of 
an  issue  when  you  consider  other  converged  devices 
that  can  (or  soon  will)  access  higher-speed  General 
Packet  Radio  Service  and  Code  Division 
Multiple  Access  2000  lxRTT  networks. 

On  the  plus  side,  the  coverage  area  for  GSM  is  a 
lot  greater  than  the  high-speed  networks,  so  users 
will  be  able  to  use  the  9290  in  more  areas.  While 
the  device  will  not  give  real-time  access  to  cor¬ 
porate  e-mail,  as  with  the  BlackBerry’s 
“push”  method,  it  can  be  used  to  pull 
down  corporate  e-mail.  Nokia  says  a 
third-party  application  called  Active 
Mail  can  help  users  get  that  “Black- 
Berry”  feeling. 

Still,  if  your  users  tend  to  send  and 
receive  a  lot  of  e-mail,  there’s  still  no 
competition  with  the  BlackBerry  However,  if 
your  users  don’t  need  their  e-mail  imme¬ 
diately  and  need  to  do  a  lot  of 
file  editing  (such  as 
in  Word  and 
Excel),  the 
9290  Commu¬ 
nicator  might 
be  a  good  fit. 

Shaw  can  be 
reached  at  kshaw@ 
nww.com. 


The  9290  opens  to  reveal 
its  PDA/handheld  computer. 
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Face-off  Do  software  pirates  deserve 


jail  time? 


Two  industry  leaders  debate  whether  the  punishment  fits  the  crime. 


YES,  by  Keith  Kupferschmid 


CHARLES  VOTAW 


oftware  piracy  is  big  business.  If  there  is  no  realistic  threat  of  jail  time,  a  soft¬ 
ware  pirate  will  consider  any  civil  remedies  or  criminal  fines  incurred  as  sim¬ 
ply  a  cost  of  doing  business.The  possibility  of  serving  time  in  prison,  therefore, 
is  essential  because  it  is  the  only  sanction  for  violating  the  copyright  law  that 
will  deter  software  piracy  and  punish  the  pirate  for  the  illegal  act. 

The  software  industry  has  been  plagued  by  piracy  for  years.  In  recent  years,  the  prob¬ 
lem  has  grown  worse. Technological  advances  have  made  it  easy  for  anyone  to  repro¬ 
duce  and  distribute  copyrighted  works  anywhere,  anytime  and  to  anyone.These  same 
technologies  have  made  large-scale  commercial  copyright  infringement  a  major  form 
of  theft  and  fraud  all  around  the  world.  On  the  Internet,  piracy  rings  distribute  illegal 
copies  of  copyrighted  software  at  a  scale,  and  a  rate,  previously  unimaginable.  A  grow¬ 
ing  number  of  these  piracy  rings  are  sophisticated  counterfeit  operations  involving 
organized  criminal  elements.  John  Sankus  Jr.,  co-leader  of  DrinkOrDie.the  largest  and 
oldest  organized  software  piracy  group  on  the  Internet,  recently  was  sentenced  to  the 
longest  term  ever  imposed  for  Internet  piracy:  46  months  in  prison. 

The  problem  of  software  piracy  threatens  to  impede  the  development  of  new  soft¬ 
ware  products  and  services.  Thousands  of  small  software  companies  struggle  to  sur¬ 
vive,  dependent  on  a  commercially  successful  product.  Pirating  of  their  software  may 
result  in  the  company  going  out  of  business  or  not  being  able  to  generate  enough  rev¬ 
enue  to  invest  in  the  new  products,  harming  not  only  the  software  creator  but  also 
users  who  want  new  and  different  software  applications.  Users  who  purchase  pirated 
software  also  are  harmed  because  they  receive  no  documentation,  no  customer  sup¬ 
port  and  no  information  about  product  updates. 

Software  piracy  is  a  federal  crime.  Commonly  defined  as  the  willful  copying  or  dis¬ 
tribution  of  software  for  commercial  or  private  financial  gain,  it  is  theft.  Like  all  thieves, 
the  perpetrators  of  these  crimes  deserve  punishment.  The  punishment  must  be  suffi¬ 
cient  to  remove  the  financial  reward  from  pirating  software  and  to  deter  future  acts  of 
piracy.  For  many  software  pirates  the  threat  of  jail  time  is  the  only  sanction  that  satisfies 
these  criteria. 

The  Software  &  Information  Industry  Association  (SI1A)  has  had  an  active  antipiracy 
program  for  more  than  15  years  —  conducting  software  audits,  edu¬ 
cating  the  public  and  filing  complaints  against  alleged  pirates. 

During  this  time.SIIA  has  sought  criminal  penalties  against  only  the 
most  flagrant  pirates.  Unfortunately,  we  are  encountering  these  egre¬ 
gious  software  pirates  more  often.  Increasingly,  we  have  no  alterna¬ 
tive  but  to  seek  criminal  sanctions  against  them. Thankfully,  we  have 
the  threat  of  possible  imprisonment  at  our  disposal.  Without  it,  we 
would  find  ourselves  in  the  fight  without  a  weapon. 


GUY  GILCHRIST 


NO,  by  Jennifer  Granick 


Kupferschmid  is  vice  president,  intellectual  property  policy  and 
enforcement  for  SIIA,  which  is  the  principal  trade  association  for  the 
software  and  digital  content  industry.  He  can  be  reached  at 
keithk@siia.net.  Cases  of  retail,  corporate  and  Internet  piracy  or  non- 
compliance  with  software  licenses  can  be  reported  on  the  Internet  at 
www.siia.net/  piracy /report/default. asp  or  by  calling  the  Anti-Piracy 
Hotline  at  (800)  388-7478. 


More  online! 

Log  on  to  Network  World  Fusion  to  voice  your 
opinion  on  this  topic.  Face-ofF  authors  Keith 
Kupferschmid  and  Jennifer  Granick  will  add 
their  thoughts  to  the  discussion. 

DocFinder  1022 


In  1976,  the  film  industry  filed  a  lawsuit  to  kill  the  VCR,  amid  hyperbolic  claims  that 
copying  TV  broadcasts  would  strangle  the  movie  business.  Today  the  industry 
makes  a  handsome  profit  from  videotape  releases.  In  2001,  the  content  industries 
revved  up  the  hyperbole  engines  again  in  their  successful  campaign  to  hobble 
Napster  and  efforts  to  stop  file-sharing  systems  such  as  Morpheus. 

The  software,  music  and  movie  businesses  have  labeled  copyright  infringers  “pirates”  to 
discourage  copying  and  encourage  criminal  prosecution  when  copying  occurs.  Yet  the 
idea  that  small-scale,  noncommercial  copyright  infringers  are  criminals  is  new.  Until  five 
years  ago,  only  bootleggers  who  mass-produced  infringing  copies  for  commercial  sale 
were  prosecuted.  Small-scale,  noncommercial  infringement  was  legal.  This  is  because 
copyright  law  protects  different  social  values  than  theft  laws  do. 

If  I  steal  your  wallet,  it’s  gone.  But  if  I  make  an  unauthorized  copy  of  a  book  you  wrote, 
you  still  can  sell  the  book.  Copyright  law  simply  prefers  that  you  make  the  copies  so 
that  you  can  collect  any  revenue  from  sales  of  your  book,  making  it  worth  your  while 
to  write  the  book  in  the  first  place.  Laws  against  theft  protect  ownership  rights.  Laws 
against  infringement  balance  incentives  for  you  to  be  creative  with  the  benefits  of 
allowing  creative  uses  of  the  work  by  other  people. 

Before  the  Internet,  noncommercial  infringement  did  not  substantially  interfere  with 
profit  streams. Today,  we  have  the  ability  to  instantaneously  trade  thousands  of  files  in 
digital  format  without  any  degradation  of  quality.  Noncommercial  copying  now  chal¬ 
lenges  the  way  content  companies  do  business.  As  a  result,  the  industries  convinced 
Congress  in  1997  to  make  small-scale,  not-for-profit  infringement  a  crime  punishable  by 
up  to  five  years  in  prison. 

But  the  call  for  people  who  create  or  use  file-sharing  technology  to  be  imprisoned  goes 
too  far.  We  should  pause  before  imprisoning  people  for  something  that  was  not  a  crime  as 
little  as  five  years  ago.The  content  industry  might  describe  that  as  a  “loophole,”  but  it  more 
accurately  reflects  a  lack  of  public  consensus  that  we  should  send  people  to  jail  for  using 
technology  that  interferes  with  current  corporate  business  models. 

The  danger  to  the  content  industries  is  that  in  the  short  run,  they  are  losing  profits  to 
freeloaders,  and  in  the  long  run,  the  way  they  do  business  may  be  made  obsolete.  We 
should  protect  the  first  interest  without  precluding  the  possibility 
that  current  business  models  will  change  or  fail.  Companies 
should  be  able  to  recoup  lost  profits  now.  But  if  the  services  the 
software  and  record  industries  provide  become  less  valuable  in 
light  of  technological  evolution,  then  the  amount  of  their  profits 
ought  to  decrease  over  time. 

There  is  a  concern  that  a  better  music  or  software  business  will 
not  evolve  if  the  government  tries  to  apply  the  harsh  penalty  of 
imprisonment  in  copyright  cases. 

The  civil  judicial  system  is  the  best  place  for  companies  to  pur¬ 
sue  lost  profits.  Criminal  sanctions  wili  chill  the  adoption  of  new 
technologies,  and  perhaps  the  next  VCR  will  never  come  to  pass. 
I’m  glad  no  one  went  to  jail  for  recording  “The  Simpsons”  for  me. 


Granick  is  litigation  director  at  Stanford  Law  School's  Center  for 
Internet  and  Society.  She  can  be  reached  at  jennifer@granick.com. 
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John  Dix 

The  last 
telecom 
cowboy 


Last  week,  we  serenaded  the  telecom  cowboys  — 
Qwest’s  Joseph  Nacchio.WorldCom's  Bernie  Ebbers 
and  AT&T’s  C.  Michael  Armstrong  —  as  they  rode 
off  into  the  sunset.  But  there  is  one  cowboy  left,  and  he 
might  have  an  interesting  trick  up  his  sleeve. 

But  before  we  get  to  that,  let’s  take  a  step  back  and  look 
at  what  has  upset  the  telecom  cart. 

Theories  abound,  but  a  simple  and  direct  one  is  put 
forth  by  Scott  Cleland.CEO  of  Precursor  Group, a 
research  firm  for  institutional  investors: “Many  telecom 
companies  were  built  with  heavy  debt  assuming  high 
growth;  now  that  growth  has  slowed  and  projected 
demand  has  disappointed  —  the  math  doesn’t  work” 

(see  Cleiand’s  piece  about  Global  Crossing’s  bankruptcy, 
www.nwfusion.com,  DocFinder:  1025). 

The  debt  loads  are  indeed  enormous:  $26  billion  for 
Qwest,  $30  billion  for  WorldCom  and  $40  billion  for  AT&T 
(the  latter  will  change  when  AT&T  finishes  splitting  itself 
into  four  companies). 

But  the  heart  of  Cleiand’s  argument  is  that  the  antici¬ 
pated  uptick  in  service  demand  that  would  have  helped 
these  companies  pay  down  the  debt  never  materialized. 
“The  conventional  wisdom,  repeated  by  almost  everyone 
in  the  industry  from  1997  to  2001,  was  that  data  traffic 
growth  was  doubling  every  three  to  four  months  —  an 
extraordinary  800%  to  1600%  annual  growth  rate  from 
1996  through  2001.  Unfortunately,  it  simply  was  not  true. 
The  actual  growth  rate  had  been  closer  to  a  100%  to 
200%  annual  rate  since  1997.” 

Now  back  to  the  last  cowboy:  Philip  Anschutz,  founder 
of  the  fiber  company  that  became  Qwest  and  the  majori¬ 
ty  shareholder  with  18%.  Anschutz  is  a  billionaire  with 
investments  in  everything  from  sports  (he  owns  seven 
soccer  teams,  the  Los  Angeles  Kings  hockey  franchise 
and  25%  of  the  Lakers)  to  railroads,  oil  refineries  and 
pipelines.  Oh,  and  the  most  important  collection  of 
Western  art  in  the  country. 

And  now,  according  to  Boxoffice  magazine,  Anschutz 
has  quietly  put  together  a  movie  theater  empire.  Boxoffice 
estimates  that  various  deals  during  the  last  few  years 
have  left  Anschutz  with  20%  of  the  theaters  in  the  coun¬ 
try,  twice  as  many  as  the  largest  competitor. 

Why?  Digital  distribution  of  movies, Boxoffice  theorizes 
(see  www.nwfusion.com,  DocFinder:  1026). With  technol¬ 
ogy  advances,  Anschutz  could  become  a  “category¬ 
killing,  virtual  Wal-Mart  of  exhibition.” 

That  s  one  way  to  deal  with  the  problem  from  overesti¬ 
mating  demand:  finding  new  ways  to  generate  traffic. 
Anschutz  is  dreaming  big. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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Chasing  rainbows 

Regarding  Janice  Roberts’  column  “The  network’s 
vanishing  edge”  (www.nwfusion.com,  DocFinder: 

9857) :  I  would  like  to  clarify  that  the  edge  of  the 
network  in  the  case  of  802. 1 1  is  about  100  feet  from 
the  access  point.  The  usual  security  patrol 
equipped  with  an  802.1 1  snooper  would  be  able  to 
handle  the  scenario  pretty  well.  Simple  precau¬ 
tions,  such  as  using  802.  lx,  also  can  make  network 
intrusion  almost  impossible. 

I  don’t  think  802.1 1  will  be  as  popular  in  corpora¬ 
tions  as  Roberts  thinks,  primarily  because  802.11 
would  not  be  able  to  handle  most  corporate  appli¬ 
cations,  as  they  tend  to  consume  high  bandwidth. 
And  most  corporate  employees  are  deskbound, 
so  there  is  no  real  need  for  mobility  Moreover,  you 
hardly  see  any  cordless  phones  in  companies. 

The  view  of  building  a  nationwide  network  of 
802.1 1  hot  spots  run  by  cafes,  lounges  and  restau¬ 
rants  is  probably  a  little  naive.  The  complexity  of 
such  a  network  would  far  exceed  the  networks  run 
by  an  incumbent  local  exchange  carrier.  This 
would  require  a  billing  system  like  the  credit  card 
system  —  hence  it  would  be  way  too  expensive  for 
the  benefits  hot  spots  provide. 

I  think  the  venture  capital  community  is  chasing  a 
rainbow  in  pursuing  enterprise  802.11  applications. 

Subrata  Goswami 
Acting  CEO 
Cudor 
Newark,  Calif. 

Not  interchangeable 

My  only  gripe  with  the  story  “Web  application  fire¬ 
walls  protect  data”  (www.nwfusion.com,  DocFinder: 

9858)  is  that  the  term  Web  application  firewall  is  not 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road.  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


interchangeable  with  application  firewall. 

Application  firewalls  have  been  around  longer 
and  support  more  protocols  than  HTTP  and  HTTP/ 
Secure.  Application  firewalls  have  also  been  around 
longer  than  Sanctum’s  AppShield,  eEye  Digital 
Security’s  SecurellS  or  Flicks’Titan.to  name  a  few. 

Phil  Kramer 
Consultant 

Systems  Solutions  Technologies,  LLC 
Nashville, Tenn. 

Good  partner 

Regarding  Thomas  Nolle’s  column  “Why  is  Cisco 
making  money?”  (www.nwfusion.com,  DocFinder: 

9859):  Another  reason  why  Cisco  is  still  around  is 
that  it  has  been  closer  to  the  channel  in  the  last  year, 
while  Nortel  has  all  but  disappeared.  Cisco  is  intro¬ 
ducing  products  that  fit  the  market,  is  increasingly 
able  to  play  in  the  small  and  midsize  business  space 
and  is  looking  at  ways  to  help  customers  spend 
money  with  Cisco.  Cisco  is  great  to  partner  with. 

David  Spatz 
Partner 

Network  Plumbing,  LLC 
Metuchen.NJ. 

Wireless  wave 

Regarding  “Marines  tackle  paperwork  with  wireless 
LAN”  (www.nwfusion.com,  DocFinder:  9860):This  is 
another  example  of  the  technology  wave  surging 
forward.  Wireless  is  coming  on  strong  and  has  tre¬ 
mendous  benefits.  The  flexibility  and  mobility 
aspect  alone  will  change  the  way  we  do  business. 
Security  continues  to  be  an  issue  for  military  cus¬ 
tomers,  but  this  will  be  resolved  soon. 

Matthew  Lutz 
Senior  network  engineer 
CMS  Information  Services 
Vienna, Va. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics. 
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FINANCIAL  ANALYSIS 

Henry  Fiallo 


sing  return  on  investment  analysis  for  IT 
projects  is  a  waste  of  time  unless  you 
build  a  “structure  of  fulfillment”  directly 
into  the  project  plan.  A  structure  of  fulfillment 
is  a  way  to  ensure  that  the  project’s  purported 
financial  benefits  actually  are  realized. 

Many  companies  use  ROl  to  justify  expendi¬ 
tures  on  technology  projects.  Time  is  spent  on  sophisticated  spread¬ 
sheet  modeling,  debating  the  benefits  to  be  realized.  Once  the  debate 
ends  and  the  “approvers”  finally  are  convinced,  more  time  is  spent 
building  sophisticated  project  plans,  preparing  for  and  executing  the 
implementation. 

However,  many  companies  do  not  perform  a  postimplementation 
review  to  assess  whether  the  benefits  have  been  realized.  Even  when 
a  post-implementation  review  is  carried  out,  many  companies  find 
the  benefits  fall  short  of  the  predetermined  payback. 

How  can  this  all-too-familiar  scenario  be  averted? 

•  Assumptions  should  be  conservative  and  scrutinized.  Any  estimates 
should  be  on  the  low  side, and  hard  dollars  should  be  easily  justifiable. 
Other  benefits  that  cannot  be  tied  directly  to  hard  dollars  should  be 
extremely  conservative  and  agreeable  to  the  entire  company 

•  The  benefiting  department  should  pitch  the  project  and  take 
ownership  for  the  benefits.  It  should  be  clear  which  department  or 
group  will  benefit  from  implementing  the  technology. 

•  A  methodology  for  taking  the  savings  to  the  bottom  line  —  the 


Making  sure  ROl  is  realized 


structure  of  fulfillment  —  should  be  built  directly  into  the  project  plan. 

If  benefits  include  the  need  for  fewer  employees,  then  layoffs 
should  be  included  in  the  project  plan.  In  some  cases,  the  benefits 
will  include  the  elimination  of  assets.  At  one  company  I  worked  for, 
we  implemented  a  system  that  let  us  to  do  more  with  fewer  vehicles. 
The  project  plan  included  steps  to  eliminate  excess  vehicles  and 
established  lower  operating  budgets  for  the  remaining  fleet  in  each 
of  the  next  three  quarters  as  the  system  ramped  up. 

In  other  cases,  a  project  will  call  for  increasing  sales  by  improving 
customer  information  or  by  increasing  the  average  purchase  order 
through  better  interaction  with  customers.  In  these  instances,  the  struc¬ 
ture  of  fulfillment  should  include  sales  improvement  metrics  as  part  of 
the  project  plan.The“buy  in”should  include  higher  sales  quotas,  based 
on  the  benefits  agreed  on  when  the  project  was  approved. 

1  have  worked  in  companies  where  ROl  was  a  battleground,  and 
where,  even  after  the  initial  battle  for  a  project  was  won,  the  firm  lost 
out  when  benefits  were  never  realized.  1  have  also  worked  with  peers 
to  build  a  structure  of  fulfillment  and  gain  buy-in  to  ensure  that  ben¬ 
efits  were  brought  to  the  bottom  line.  Did  this  guarantee  a  perfect 
outcome?  Hardly.  But  by  having  a  structure  of  fulfillment,  we  were 
convinced  we  had  a  fighting  chance  to  achieve  ROl.  1  suspect  you 
will  be,  too. 


Many  companies 
do  not  perform  a 
postimplementa¬ 
tion  review  to 
assess  whether 
the  benefits  have 
been  realized. 


Fiallo,  former  CEO  of  Enterasys  Networks,  is  an  independent  consultant 
based  in  Hampton  Falls,  N.H.  He  can  be  reached  at  henry@fiallo.com. 


ABOVE  THE  CLOUD 

James  Kobielus 


f  orkflow  technologies  are  everywhere, 
having  been  embedded  in  a  range  of 
development  tools,  network  applica¬ 
tions  and  Web  services.  Workflow  standards 
are  everywhere,  too,  but  they  never  seem  to 
jump  the  gap  from  hopeful  press  releases  to 
broad  adoption. 

So  it’s  with  considerable  skepticism  that  we  should  greet  the  recent 
announcement  that  the  Workflow  Management  Coalition  (WfMC)  and 
the  Business  Process  Management  Institute  (BPMI)  have  agreed  to  con¬ 
verge  their  efforts  to  define  XML-based  workflow-process  definition 
standards.  Potentially,  the  alliance  could  bring  WfMC’s  XML  Process 
Definition  Language  (XPDL)  and  BPMI’s  Business  Process  Markup 
Language  (BPML)  under  a  common  standards  initiative. 

This  alliance  looks  good  on  paper,  but  it  doesn’t  bring  the  workflow 
industry  much  closer  to  its  longtime  goal  of  defining  universal  stan¬ 
dards  and  services  that  span  all  vendors  and  applications.  The  core 
problem  is  that  there  are  too  many  workflow  standards.  More  to  the 
point,  no  new  workflow  standard  ever  seems  to  gain  the  industry 
momentum  necessary  to  push  others  to  extinction. 

The  WfMC/BPMI  alliance  says  nothing  about  whether  other  groups 
will  converge  their  specifications  into  a  common  industry  standard. 
Rival  workflow-process  definition  standards  include  the  Object  Man¬ 
agement  Group’s  Unified  Modeling  Language,  the  Organization  for 
the  Advancement  of  Structured  Information  Standards’  ebXML 
Business  Process  Schema,  the  World  Wide  Web  Consortiums  Web 
Services  Conversation  Language  and  RosettaNet’s  Partner  Interface 
Process. 

Workflow  standards  would  be  implemented  widely  if  vendors  had 
good  reasons  for  doing  so.  However,  it’s  not  clear  why  vendors  would 
want  to  rally  around  any  one  workflow-process  definition  specification 
or  any  standard  that  defines  how  one  product  environment  hands  off 
running  workflows  to  other  vendors’  environments. 

Workflow  vendors  differentiate  themselves  competitively  on  the 
depth, sophistication  and  flexibility  of  their  process  definition  tools  and 


Still  no  universal  workflow 


run-time  platforms  (the  latter  commonly  are  known  as  “workflow  en¬ 
gines”).  No  standard  workflow  languages  match  the  complete  func¬ 
tionality  of  high-end  workflow  vendors’  process  definition  features  — 
and  that’s  by  design.These  standards  support  a  bare  common  denom¬ 
inator  of  workflow  design  features,  which  keeps  vendors  from  adopting 
any  one  standard  widely  and  also  spurs  new  vendor  coalitions  to 
develop  new  standards  to  address  deficiencies  with  existing  standards. 

A  more  fundamental  issue  is  the  fact  that  few  users  are  demanding 
standards  for  interoperating  diverse  vendors’  workflow  tools  and 
engines.  Organizations  generally  implement  workflow  products  as 
stand-alone  point  products  for  particular  applications,  not  as  compo¬ 
nents  in  general-purpose,  multivendor  workflow  infrastructures. 

Where  standards  are  concerned,  the  workflow  industry’s  best  hope  is 
that  a  sufficient  number  of  platform  vendors  get  religion  soon  about 
the  need  for  general-purpose  workflow  services  that  span  application 
categories.  Universal  implementation  of  workflow  standards  won’t  take 
place  until  Microsoft  supports  one  or  another  open  standard. 

But  that’s  not  likely  to  happen  soon.  Microsoft’s  product  line  is  symp¬ 
tomatic  of  the  fragmented  state  of  the  workflow  market.  It  has  four  ser¬ 
ver  products  that  may  be  regarded  as  workflow  environments:  BizTalk 
Server,  Exchange  Server,  SQL  Server  and  Content  Management  Server. 
Microsoft  has  shown  little  interest  in  converging  these  products  around 
a  general-purpose  workflow  architecture  under  its  .Net  framework. 

Which  brings  us  back  to  the  question  of  why  Microsoft  or  any  other 
vendor  should  go  to  the  trouble  of  integrating  such  diverse  products 
around  common  workflow  standards.  The  market’s  not  asking  for  it. 
And  so  many  diverse  product  categories  offer  workflow  that  no  single 
standard  can  adequately  address  all  of  their  requirements.  Con¬ 
sequently,  at  this  point  in  the  workflow  market’s  development,  the  call 
for  common  standards  is  more  of  an  academic  exercise  than  a  practi¬ 
cal  endeavor. 


Workflow 
standards  would 
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Kobielus  is  a  senior  analyst  with  The  Burton  Group,  an  IT  advisory 
service.  He  can  be  reached  at  (703)  924-6224  or  jkobielus@burton- 
group.com.  The  opinions  expressed  are  his  own. 


Security  Training  Tools  at 
Your  Fingertips: 


@ 

VIRTUAL 


Virtual:  Online  Webcasts 
•  Microsoft  Windows  2000  Security 


WEB-BASED 


Web-based:  Online  courses, 
certification  tracks  and  online  learning 

•  Network  Security  1:  Policy 

•  Administration  and  Firewalls 


HANDS-ON 


Hands-on:  Classroom  learning 
with  state-of-the-art  equipment 

•  Cisco  Security  Specialist  Boot  Camp 

•  Foundstone  Ultimate  Web  Hacking 

•  Secure  Communications  and  VPNs 
and  many  more! 


CD-ROM 


CD-Rom:  Interactive  software  for 
self-study  training  and  certification 

•  Managing  Cisco  Network  Security 

•  Microsoft  Windows  2000  Security 


Books:  Self-paced,  self-study 
training  and  certification 

•  Firewalls:  A  Complete  Guide 

•  Security  in  Computing 

•  Intrustion  Detection 

•  and  many,  many  more! 


NetSmart  is  packed  with  all  the  IT  learning  tools  you  need  to  advance 
your  skills,  build  your  knowledge  and  be  successful.  No  more  tedious 
researching  of  catalogs,  libraries  and  books  for  appropriate  options 
and  programs.  Just  point,  click  and  buy  the  training  that  fits  your 
style  and  budget  at  www.nwnetsmart.com. 

Check  out  our  growing  list  of  preferred  partners: 

Amazon.com,  Boson  Software,  Cisco  Press,  Global  Knowledge, 
Infinity  I/O  and  LearnKey! 


www.nwnetsmart.com 
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Handheld 
network  analyzers 


Essential 
tools  for  your 
network 
first-aid  kit 


Wm  BY  BARRY  NANCE,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

hen  your  network  is  sick,  you  become  the  network  doctor.  One  tool  in 
your  “little  black  bag”  of  diagnostic  tools  should  be  a  handheld  network 
analyzer. These  devices  can  reveal  cable  faults,  detect  chattering  network 
adapters,  identify  switch  malfunctions  and  determine  the  nature  of  a  router  malady 
These  are  the  problems  that  cause  most  network  infrastructure  failures.  Having  the 
right  network  testing  tools  can  save  hours  or  even  days  of  network  downtime. 


When  trouble  strikes,  you’ll  want  to  be  ready  to  quickly  diagnose  the  problem. 

Protocol  analyzer  software  on  a  notebook  computer  can  be  helpful  when  you’re  try¬ 
ing  to  diagnose  a  network  problem,  but  a  protocol  analyzer  can’t  tell  you  whether  a 
cable  contains  a  broken  wire,  some  insulation  has  chafed  from  a  cable  or  a  sick  net¬ 
work  adapter  is  behaving  strangely  (You  can  brush  up  on  your  cable  testing  terms  and 
concepts,  go  online  to  www.nwfusion.com,  DocFinder:  1024). 

Handheld  network-testing  device  vendors  have  included  several  protocol-analysis 
functions  inside  what  were  formerly  just  cable-testing  tools.The  vendors  say  the  tools 
can  quickly  spot  problems  ranging  from  cable  faults  to  overutilization.  To  test  these 
claims,  we  invited  vendors  to  submit  handheld  devices  to  our  lab  for  evaluation.  We 
looked  for  fast,  accurate  determination  of  cabling  and  other  network  problems;  some 


Net  Results 


NetTool  Connectivity  Tester 

Company:  Fluke  Corp.,  (800)  443-5853,  www.fluke.com  Cost:  Starts 
at  $900.  Pros:  Offers  essential  cabling  and  network  health  tests 
for  an  excellent  price.  Cons:  User  interface  isn't  as  pretty  as  that 
of  the  other  products. 

OneTouch  Series  II  Network  Assistant 


4.8 

RATING 


Company:  Fluke  Corp.,  (800)  443-5853,  www.fluke.com  Cost:  Starts 
at  $4,200.  Pros:  Sports  more  features  than  NetTool,  includes  a 
cool  touch-screen  interface.  Cons:  Remaining  battery  life  icon 
needs  to  be  more  prominent. 

OptiView  Network  Analyzer 

Company:  Fluke  Corp.,  (800)  443-5853,  www.fluke.com  Cost:  Starts 
at  $13,000.  Pros:The  ultimate  network  diagnostic  tool;  nice  touch¬ 
screen  Windows  interface  with  protocol-analysis  functions  and  a 
cable-testing  capability.  Cons:  Pricey;  documentation  lacks  depth. 

FrameScope  350  with  DualRemote  350  option  (necessary  for  cable  tests) 


Company:  Agilent  Technologies,  (877)  424-4536,  http://wirescope. 
comms.agilent.com  Cost:  FrameScope  costs  $6,000,  DualRemote 
option  costs  $2,000.  Pros:  Color  touch-screen  interface,  compre- 
RATING  hensive  network  diagnostics.  Cons:  Pricey,  especially  with  Dual- 
Remote  option. 

Pinger  Network  IP  Test  Tool 


Company:  Psiber  Data  Systems,  (619)  287-9970,  www.psiber.com 
Cost:  $350  Pros:  Low  cost,  easy  to  use.  Cons:  Only  performs 
ping  operations  to  diagnose  connectivity. 


45 

RATING 


ability  to  transfer  data  into  a  PC  for  further  analysis 
and  reporting;  ease  of  use;  and  a  reasonable  price. 

We  particularly  wanted  a  device  to  be  able  to  diag¬ 
nose  problems  on  a  live  network,  not  just  at  cable 
installation  time. 

Agilent  Technologies  submitted  FrameScope  350 
Network  Performance  Analyzer  kit,  which  includes 
FrameScope  350  and  DualRemote  350.  Psiber  Data 
Systems  shipped  us  its  Pinger  Network  IP  Test  Tool. 

Fluke  Corp. sent  us  three  tools,  NetTool  Connectivity 
Tester,  OptiView  Network  Analyzer  and  OneTouch 
Series  II  Network  Assistant.  Because  Fluke  recently 
acquired  another  handheld  testing-tool  vendor, 

Microtest,  we  let  Fluke  submit  three  products  for  this 
review.  Ideal  Industries  declined  to  send  its  Lantek  7, 
saying  the  device  is  just  for  checking  new  cable 
installations. 

In  selecting  a  winner,  we  discovered  that  two  of  the  Filled  with  essential  features, 
five  products  were  worthy  of  a  World  Class  Award.  NetTool  is  small,  light,  inex- 
Fluke's  NetTool  gets  the  official  World  Class  nod  '16"sl,e  and  extremely  capable, 
because  it  accurately  pinpointed  cabling  and  net¬ 
work  faults  with  aplomb,  and  without  a  fancy  color  display  or  extra  bells  and  whistles. 


Pricing  differences 

Fluke’s  NetTool  ($900)  offers  a  basic  set  of  essential  features  for  detecting  problems 
such  as  cable  faults, link  configuration  errors, odd  network  adapter  behaviors,  network 
health  ailments  and  unresponsive  servers.  Although  the  NetTool’s  user  interface  and 
results  display  are  simple  and  utilitarian,  it  has  almost  as  many  diagnostic  features  as 
Agilent’s  FrameScope  350  ($6,000)  and  the  OneTouch  Series  II  Network  Assistant 
($4,200)  for  a  fraction  of  the  price.  Both  the  FrameScope  350  (2.6  pounds)  and  the 
OneTouch  (1.7  pounds)  are  heavier  touch-screen  cable  fault  and  network-diagnos- 
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What’s  the 
score? 

WINNER 

T 

NetTool 

OneTouch 

OptiView 

FrameScope* 

Pinger 

Administration  20% 

5 

5 

5 

5 

|5 

Range  of  tests  20% 

4 

4 

4 

4 

2 

Reports  20% 

5 

5 

5 

5 

2 

Ease  of  use  15% 

5 

5 

5 

4 

3 

Price  15% 

5 

3 

2 

3 

4 

Documentation  10% 

5 

— 

5 

4 

_ j 

4 

3 

TOTAL  SCORE 

4.8 

4.5 

4.25 

4.25 

3.15 

Individual  category  scores  are  based  on  a  scale  of  1  to  5.  Percentages  are  the  weight  given  each  category  in  determining  the  total  score.  ■  Scoring  Key:  5:  Exception  ':  showing  in  this  category. 
Defines  the  standard  of  excellence.  4:  Very  good  showing.  Although  there  may  be  room  for  improvement,  this  product  was  much  better  than  the  average.  3:  Average  snowing  in  this  category.  Product  was 
neither  especially  good  nor  exceptionally  bad.  2:  Below  average.  Lacked  some  features,  or  lower  performance  than  other  products  or  than  expected.  1:  Consistently  sub, oar,  or  lacking  features  being  reviewed 
*  With  DualRemote  350  option  for  cable  tests. 
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Its  color  touch  screen,  Windows  interface  and 
combination  of  protocol  analysis  and  cable¬ 
testing  features  makes  OptiView  the  ultimate 
handheld  network  test  tool. 

tic  tools,  while  NetTool  is  a  lightweight  five- 
key  LCD-screen  unit.  The  Psiber  Pinger 
($350)  is  an  8.7-ounce,  easy-to-carry,  19-key 
device  that  pings  from  one  to  eight  IP  ad¬ 
dresses  via  Internet  Control  Messaging  Pro¬ 


tocol  (ICMP)  packets. 

Fluke’s  OptiView  Network  Analyzer 
($13,000),  the  heaviest  device  at  6.2 
pounds,  is  the  ultimate  network-diagnostic 
tool.  It’s  a  full-blown  touch-screen  protocol 
analyzer  outfitted  with  comprehensive 
cable-testing  capabilities. 

Physical  features 

The  simple  but  utilitarian  NetTool  has 
four  cursor  buttons,  a  select  button  and  a 
power  button. Getting  used  to  touching  the 
buttons  with  just  the  right  amount  of  pres¬ 
sure  takes  some  practice.  The  screen  is  a 
simple  eight-line  monochrome  LCD  with 
rudimentary  but  easily  recognizable  icons 
for  network  devices  and  basic  operations 
such  as  navigating  the  different  screens. 
The  user  interface  is  practical,  straightfor¬ 
ward  and  surprisingly  intuitive.  The  initial 
screen  offers  two  choices:  autotest  and  de¬ 
vice  configuration. Selecting  autotest  when 
the  unit  is  attached  to  a  cable  with  a  wire- 
map  plug  at  the  other  end  invokes  the  Net- 


Tool’s  cable-testing  functions.  Choosing 
autotest  when  the  unit  is  attached  to  a  hub 
or  switch  displays  network  health,  link  con¬ 
figuration  and  other  network-diagnostic 
test  results.  If  you  connect  a  network  device 
to  one  of  NetTool’s  two  RJ-45  ports  and 
connect  the  other  R.M5  port  to  that  de¬ 
vice’s  network  cable,  autotest  collects  and 
shows  identifying  information  and  traffic 
statistics  for  the  network  device. 

The  OneTouch  sports  a  monochrome 
touch  screen.  Fluke  doesn’t  supply  a  stylus 
with  the  OneTouch,  but  we  didn’t  need 
one.  Fingertips  worked  just  as  well  on  the 
well-spaced  icons  that  Fluke  designed. The 
display  updates  continuously, and  touching 
a  screen  navigation  icon,  device  icon,  IP 
address  or  other  on-screen  element  lets 
you  quickly  drill  down  to  see  more  detail 
or  to  perform  a  specific  operation. 

The  FrameScope  has  a  beautiful,  color 
LCD  touch  screen  that  is  a  dream  to  oper¬ 
ate  with  or  without  the  supplied  stylus.The 
DualRemote  350  is  a  slave  unit  that  needs 


no  user  interaction,  but  it  has  16  LEDs  that 
display  cable-testing  results  such  as  attenu¬ 
ation  errors,  split  pairs,  NEXT  errors,  return 
loss  errors  and  ELFEXT  errors.  The  Frame- 
Scope’s  screens  are  not  quite  as  intuitive  as 
those  of  the  OneTouch,  but  only  a  few 
moments  are  needed  to  get  used  to  them 
each  time  the  machine  is  powered  on  and 
to  go  searching  for  trouble  on  the  network. 
Unfortunately  FrameScope  doesn't  use  its 
list  of  discovered  nodes  to  establish  a  de¬ 
fault  collection  of  network  devices  to  test. 
You  must  manually  add  devices  to  a  par¬ 
ticular  autotest  suite. 

Imagine  a  color  notebook  computer  run¬ 
ning  Windows.  Now  take  away  the  key¬ 
board  and  give  the  computer  a  touch¬ 
screen  display  with  a  well-designed,  easy- 
to-navigate  icon-based  user  interface.  In¬ 
stall  protocol-analysis  software  on  the  com¬ 
puter  and  a  network  interface  that  can  run 
cable  fault  diagnostics  and  measurements. 
Voila!  You’ve  created  an  OptiView  Network 
See  Analyzers,  page  36 


Comparing  the  handheld  network  analyzers 


PRODUCT 

PRICE 

CABLE  TESTS 

NETWORK  TESTS 

BATTERY  TYPE  &  LIFE 

Fluke 

NetTool 

$900 

•  Determines  cable  length. 

•  Detects  opens  (broken  wires),  short 
circuits  and  split  pairs. 

•  Displays  whether  Ethernet  wall  outlet  is 
live  and  what's  at  the  other  end  of  the 
connection. 

•  Determines  line  speed,  full/half  duplex, 
polarity  and  segment  ID. 

•  Discovers  and  identifies  IP  servers  by  looking  for  DHCP,  DNS,  SMTP,  POP,  IMAP, 
HTTP  and  WINS  protocol  traffic. 

•  Uses  NetWare  Core  Protocol  over  IPX  to  find  NetWare  servers. 

•  Uses  Server  Message  Block  protocol  over  NetBEUI  orTCP/IP  to  find  Windows 
primary  domain  controllers,  back-up  domain  controllers  and  master  browsers. 

•  Locates  routers  based  on  IGRP,  EIGRP,  OSPF,  IRDP  and  RIP  protocol  traffic. 

•  Can  also  find  IP-,  IPX-  and  DLC-based  network  printers. 

•  Autotest  features  can  display  detected  problems  (including  line  speed  mismatches, 
wiring  errors  and  half/duplex  errors),  recognized  protocols  (alerts  you  when  NetTool 
encounters  specified  protocols),  identified  key  devices  (including  counts  of  DNS / 
DHCP  servers,  NetWare  servers,  Web  servers,  NetBEUI/NetBIOS  servers,  e-mail 
servers  and  printer  servers)  and  general  network  health  (identifying  short  frames, 
excessive  network  utilization,  NetWare  frame  type  mismatches  andTCP/IP 
addressing  errors  such  as  duplicates,  incorrect  subnet  masks  and  wrong 
gateway/router  addresses). 

4  double-A  alkaline 
batteries;  about  8 
hours  of  continuous 
use. 

Fluke 

OptiView 

$13,000 

•  Measures  cable  length. 

•  Displays  wiremap  information,  wire 
pairings,  impedance,  short  circuits,  opens 
and  split  pairs. 

•  Ethernet  Pro  Gigabit  model  tests 

10/100M  bit/sec  and  Gigabit  Ethernet 
networks. 

•  Shows  multiple  port  statistics  on  a  single  screen. 

•  Graphically  reveals  network  utilization  detail  at  various  levels,  such  as  local/remote 
and  the  entire  network. 

•  Identifies  top  talkers,  top  multicasters  and  top  broadcasters. 

•  Device  discovery  feature  finds  and  displays  hosts,  switches,  routers,  SNMP  hubs, 
SNMP  agents,  network  printers  and  network  stations. 

•  Network  discovery  identifies  and  categorizes  IP  subnets,  NetBEUI/NetBIOS 
domains  and  IPX  (NetWare)  segments. 

•  Protocol  statistics  display  all  protocols  on  network,  including  routing 
protocols. 

•  Problem  discovery  categorizes  events  as  errors,  warnings  or 
informational  entries;  pinpoints  devices  experiencing  problems. 

•  Generate  traffic  and  uses  RMON2  to  gather  information  about  the  network  as  it 
maps  its  topology. 

•  Captures  and  decodes  packets. 

Internal  and  external 
lithium-ion  batteries 
give  about  3.5  hours 
of  continuous  use. 

Fluke 
OneTouch 
Series  II 
Network 
Assistant 

$4,200 

•  Measures  cable  length. 

•  Shows  cable’s  wire  map. 

•  Detects  split  pairs,  opens  and  short 
circuits. 

•  Enter  custom  NVP  values  to  test  other 
cables  besides  Category  5/6E. 

•  XDSL  option  fortesting  DSL  connections. 

•  Autotest  function  discovers  network  devices  and  displays  icon-labeled  counts  of 

IP  servers,  NetBIOS  servers,  VoIP  servers,  VoIP  endpoints,  VoIP  gateways,  network 
printers,  subnets,  SNMP  responders,  NetWare  servers,  switches,  hubs,  local  stations 
and  remote  stations. 

•Touching  an  icon  shows  detail  such  as  IP  address,  MAC  address,  DNS  name,  SNMP 
data,  line  speed,  half/full  duplex,  domain  name,  frame  counts,  broadcast  counts, 
error  counts  and  subnet  masks. 

•  Pings  devices  via  ICMP  packets,  traces  routes  to  devices  and  queries 
devices  via  SNMP. 

Nickel  hydride  battery 
provides  about  2.5 
hours  of  continuous 
use. 

Agilent 

FrameScope 

$6,000  plus 
$2000  for 
optional 
DualRemote 
350 

•  Determines  cable  length. 

•  Can  test  Category  5E,  6  and  other 
(custom)  cables  in  either  link  config¬ 
uration  or  channel  configuration. 

•  Cable  certification  requires  DualRemote 
350;  tests  show  pass/fail  indication  plus 
specific  numbers  for  attenuation,  NEXT, 
return  loss,  ELFEXT  and  PSNEXT. 

•  Discovers  network  devices  and  displays  a  list  of  discovered  stations. 

•  Pings  devices,  traces  routes  to  devices,  and  queries  devices  via  SNMP 

•  Shows  a  range  of  statistics,  generates  specified  levels  of  network  traffic,  and 
performs  MAC  loopback  tests. 

•  Locates  a  cable’s  hub  or  switch  port  by  blinking  its  LED. 

•Tracks  network  errors  such  as  short  frames  or  jabbering  network  adapters. 

•  Manages  the  database  of  network  devices,  storing  it  in  firmware. 

•  Multiple  autotest  suites  let  you  put  sets  of  network  devices  in  named  groups  for 
separate  testing. 

Both  units  come  with 
a  nickel  hydride 
battery;  about  3  hours 
of  continuous  use. 

Psiber 

Pinger 

$350 

Not  applicable 

•  Emits  ICMP  ping  packets  to  test  IP  connectivity  to  one  to  eight  network  devices. 

•  Displays  success  or  failure  of  the  operation,  round-trip  time  for  the  packets  and 
indicates  whether  the  received  packets  match  the  contents  of  transmitted  packets 
or  if  packets  were  damaged  in  transit. 

4  double-A  alkaline 
batteries,  about  10  to 
12  hours  of  contin¬ 
uous  use. 

You're  reading 
this... 
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Plus: 
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Details. 
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•  Apply  for  your  free  subscription  to  Network  World 
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Analyzer 

continued  from  page  34 

Analyzer.  OptiView’s  user  interface  will  be 
instantly  second  nature  to  anyone  familiar 
with  Windows  who  can  use  a  stylus  to 
select  on-screen  icons,  buttons  and  data 
elements.  OptiViews  user  interface  has  an 
on-screen  virtual  keyboard, but  you  can  op¬ 
tionally  connect  a  standard  PC  keyboard 
to  an  OptiView. 

The  Pinger  has  19  keys  that  resemble  a 
telephone  keypad  with  extra  functions.  Just 
like  telephone  keypad  keys,  twelve  of  the 
keys  are  for  data  entry  of  names  and  IP  ad¬ 
dresses.  Four  are  cursor  keys,  and  the  re 
maining  three  are  function  keys  for  select¬ 
ing  on-screen  menu  items  such  as  exit, save 
and  setup. The  four-line  monochrome  LCD 
screen  is  a  bit  wider  than  a  typical  cell 
phone’s  screen.  Navigating  the  Pinger’s  few 
screens  is  a  breeze. 

All  the  units  come  with  batteries  and  AC 
adapters,  and,  to  conserve  battery  power, 
they  all  go  to  sleep  or  shut  down  after 
about  5  minutes  of  inattention. 

Fluke's  NetTool 

The  NetTool  can  run  cable  tests  to  deter- 


OneTouch's  monochrome  LCD  touch  screen 
has  a  well-designed  interface. 

mine  problems  such  as  cable  length  and 
whether  a  wire  is  broken.  Attaching  the 
supplied  wiremap  adapter  to  the  far  end  of 
a  cable  lets  you  see  whether  the  cable  is 
wired  correctly.  NetTool  also  can  show 
whether  a  network  is  using  Token  Ring  or 
Ethernet, and  can  also  detect  a  telephone 
company  connection  by  displaying  which 
pins  are  carrying  tip  and  ring  signals. 

Inserting  a  NetTool  between  a  network 
device  and  its  hub  or  switch  (it  includes 
two  RJ-45  ports)  provides  a  lot  of  useful 
information  about  the  device  and  its  net¬ 
work  connection. The  device  also  can  dis¬ 


play  the  network  device’s  name  and  IP1PX 
and  media  access  control  addresses,  along 
with  the  identity  of  servers  and  router  gate¬ 
ways  the  device  talks  to. 

NetTool  has  only  one  testing  function, 
labeled  autotest.  Selecting  it  gave  us  a  dis¬ 
play  showing  detected  problems,  recog¬ 
nized  protocols,  and  identified  key  devices 
and  general  network  health.  On  a  separate 
menu  screen,  NetTool  offers  a  speedome¬ 
ter-style  network  utilization  display  and  the 
ability  to  ping  IP  addresses. 

Fluke's  OneTouch  Series  II 

Even  more  versatile  than  the  NetTool, 
Fluke’s  OneTouch  Series  II  Network  As¬ 
sistant  is  everything  a  handheld  cable  and 
network-testing  device  should  be.  Only  its 
high  price  kept  it  from  the  top  spot. 

The  cable-test  mode  included  similar 
cable  tests  of  the  NetTool,  but  it  also  lets 
users  enter  custom  Nominal  Velocity  of 
Propagation  (NVP)  values  to  test  cables 
other  than  Category  5/6E.  It  also  has  an 
xDSL  option  for  testing  DSL  connections. 

The  OneTouch  network  diagnostics  are 
comprehensive.The  autotest  function  dis¬ 
covers  network  devices  and  displays  the 
result  as  icon-associated  counts.  Touching 
an  icon  brings  up  multiple  levels  of  con¬ 
siderable  detailed  information. 

Like  the  NetTool,  OneTouch  recognizes 
protocols  to  identify  devices  as  IP  servers, 
routers  or  other  devices.  Also  like  the  Net- 
Tool,  OneTouch  has  two  RJ45  ports,  so  the 
unit  can  be  inserted  between  a  network 
device  and  its  network  connection.  The 
OneTouch  can  ping  devices  via  ICMP 
packets,  trace  routes  to  devices  and  query 
devices  via  SNMP 

Agilent’s  FrameScope 

Agilent’s  FrameScope  initially  enters 
cable-test  mode  and  shows  the  length  of 
the  cable  it’s  connected  to,  among  other 
tests.  It  also  can  let  you  modify  details  such 
as  wire  pairings  for  Category'  5E  and  6,  but 
not  NVP  values.  FrameScope’s  cable  certifi¬ 
cation  tests  require  the  DualRemote  350 
option, a  $2,000  separate  unit  connected  to 
the  other  end  of  a  cable. 

Touching  the  network  icon  switches  the 
FrameScope  to  network  test  mode.  In  this 
mode,  FrameScope  offers  a  plethora  of 
diagnostic  functions.  In  contrast  to  Net- 
Tool’s  single  autotest  function,  FrameScope 
can  have  multiple  autotest  suites.  Each 
suite  represents  a  collection  of  one  or 
more  network  devices  you  want  to 
test.  Each  time  a  test  is  run,  you 
can  specify  which  suite  to  use, 
the  number  of  times  to  iterate 
the  test  and  the  number  of  min¬ 
utes  to  pause  between  itera¬ 
tions.  The  FrameScope  displays 
network  utilization  and  frame 
(by  unicast,  broadcast,  multi¬ 
cast  and  error  categories) 
counts  and  percentages 
along  with  protocol  (by  IR 
IPX  and  other  categories) 
counts  and  percentages. 

FrameScope’s  station  list 
shows  each  device’s  IP  ad- 


More  online! 

» Get  a  refresher  course  on  cable 
testing  terms  with  our  glossary. 
•  How  we  conducted  our  tests. 

DocFinder  1023 


The  FrameScope  350  sports  a  color  touch  screen 
wealth  of  cable-testing  features. 


dress  and  DNS  name  for  the  stations, 
servers,  routers  and  remote  stations  it  dis¬ 
covers  on  the  network.  Selecting  a  network 
device  from  the  list  reveals  details  about 
that  device,  such  as  frame  counts  and  per¬ 
centages  categorized  by  type  of  frame  — 
unicast,  broadcast,  multicast  and  error. 

Fluke's  OptiView  Network  Analyzer 

If  your  company  can  afford  it,  Fluke’s 
OptiView  Network  Analyzer  is  the  ultimate 
cable-testing  and  network-diagnostic  tool. 
The  OptiViews  cable-testing  feature  had 
basic  tests,  including  cable  length,  wiremap 
information,  short  circuits  and  the  like. The 
Ethernet  Pro  Gigabit  model  can  check 
10/100M  bit/sec  and  Gigabit  Ethernet  nets. 

The  OptiView’s  network  diagnostics  rival 
those  of  a  full-blown  protocol  analyzer.  It 
shows  multiple  port  switch  statistics  on 
one  screen,  which  lets  you  compare  switch 
port  traffic  levels  at  a  glance.The  multiport 
router  display  is  similarly  useful. The  Opti¬ 
View  graphically  reveals  network  utiliza¬ 
tion  details,  device  discovery  network  dis¬ 
covery  protocol  statistics,  problem  discov¬ 
ery  and  recognized  events.The  device  also 
can  generate  traffic,  map  topology  and  cap¬ 
ture  and  decode  packets. 

Psiber  Pinger  Network  IP  Test  Tool 

Psiber’s  Pinger  Network  IP  Test  Tool  is  a 
simple  device  with  a  single  purpose.  It 
emits  ICMP  “ping”  packets  to  test  IP  con¬ 
nectivity  to  one  to  eight  network  devices. 
The  Pinger  displays  the  success  or  failure 
of  the  operation,  the  round-trip  time  for  the 
packets  and  an  indication  of  whether  the 
contents  of  the  received  packets 
match  the  contents  of  the  trans¬ 
mitted  packets  or  whether 
the  packets  were  damaged 
in  transit. 


Odds  and  ends 

Except  for  the  Pinger,  all  the 
units  we  tested  can  transfer 
test  results  into  a  PC  via  a  ser¬ 
ial  link.  In  each  case,  getting 
the  transferred  data  into  a 
spreadsheet  or  database  for 
further  analysis  and  report¬ 
ing  is  completely  painless. 

The  NetTool’s  documen¬ 
tation  consists  of  a  user 


and  a 


guide  and  quick-reference 
card,  while  the  OneTouch 
comes  with  a  user  guide, “get¬ 
ting  started’’guide  and  a  quick- 
reference  card.  Both  sets  of 
documentation  were  more 
than  adequate. 

Because  the  FrameScope  is 
a  relatively  new  product,  its 
user  manual  was  a  prelimi¬ 
nary  draft  and  we  noted  a  few 
glaring  errors.  For  example,  the 
manual  said  the  FrameScope 
automatically  polls  your  net¬ 
work  and  discovers  devices 
when  you  power  it  on.  We 
found  that  the  unit  powered 
up  in  cable  test  mode.  The 
OptiView  comes  with  a  user 
guide  and  quick-reference  “at  a  glance” 
card.  The  user  guide  is  brief  and  doesn’t 
discuss  OptiView’s  many  features  with  as 
much  depth  as  we  would  have  liked. The 
Pinger’s  documentation  is  an  eight-page 
card-stock  booklet  that  contains  essential 
information  but  lacks  a  professional 
appearance. 

Conclusion 

Dropped  packets,  cable  faults,  failed  net¬ 
work  adapters,  misconfigured  devices  and 
sluggish  performance  are  client  session 
killers.  A  tool  that  can  reveal  cable  faults 
and  network  health  is  an  essential  require 
ment  in  any  network  administrator’s  first- 
aid  kit.  We  recommend  budget-conscious 
administrators  take  a  close  look  at  Fluke’s 
NetTool.  However,  for  those  with  lots  of 
bucks  to  spend  on  diagnostic  tools,  we  sug¬ 
gest  the  OneTouch  unit. 

Nance,  a  software  developer  and  consul¬ 
tant  for  29  years,  is  the  author  of  Intro¬ 
duction  to  Networking,  4th  Edition  and 
Client/Server  LAN  Programming.  He  can  be 
reached  at  barryn@erols.com 


Global  Test  Allia 


■  Nance  is  also  a  member  of  the 
Network  World  Global  Test  Alliance,  a  coop¬ 
erative  of  the  premier  reviewers  in  the  net¬ 
work  industry,  each  bringing  to  bear  years 
of  practical  experience  on  every  review.  For 
more  Test  Alliance  information,  including 
what  it  takes  to  become  a  member,  go  to 
www.nwfusion.com/alliance. 

Other  members:  John  Bass,  Centennial 
Networking  Labs,  North  Carolina  State 
University.  Travis  Berkley,  University  of 
Kansas.  Bob  Currier,  Duke  University. 
Jeffrey  Fritz,  West  Virginia  University. 
James  Gaskin,  Gaskin  Computing  Services. 
Thomas  Henderson,  ExtremeLabs,  Inc. 
Miercom.  Inc.,  Network  Consultancy  and 
Product  Test  Center.  David  Newman, 
NetworkTest.  Inc.  Christine  Perey,  Perey 
Research  &  Consulting.  Independent 
Consultant.  Thomas  Powell,  PINT.  Joel 
Snyder,  Opus  One. 


Pressure-cooker  certification 

Two  IT  executives  detail  how  they  got  their  staffs  trained  quickly. 


■  BY  LINDA  LEUNG 

When  Stephen  Tucker  joined  Toronto’s  Baycrest  Centre  for  Geriatric 
Care  in  1999  as  manager  of  its  systems  and  operations  group,  his 
department  was  in  disarray  The  IT  support  team  was  staffed  mostly 


staffers  obtain  Microsoft  Certified  Systems 
Engineer  (MCSE)  certification  last  fall. 
Many  of  the  multifunctional  printer  manu¬ 
facturer’s  customers  use  Microsoft,  and  the 
company  needs  to  be  able  to  support  them. 

Although  10  of  the  engineers  already  had 
MCSE  certification  for  Windows  NT,  at  the 


by  volunteers.  The  700-user  net¬ 
work  was  down  at  least  twice  a 
day  and  users  calling  IT  were 
often  met  with  voice  mail. 


“No  one  had  IT  skills,  the  network  had  sev¬ 
eral  flavors  of  NetWare  and  [Windows]  NT, 
and  traffic  traveled  all  over  the  place.  It  was 
chaos,”  he  says. 

Tucker  educated  his  staff  —  which  num¬ 
bered  12  at  the  time  —  in  basic  IT  skills.  He 
has  since  been  promoted  to  IT  director,  and 
oversees  a  network  that  is  up  99.913%  of  the 
time.  He  manages  a  roster  of  14  paid  and 
certified  IT  professionals,  and  the  group 
fields  50  help  desk  calls  a  day 

Baycrest  targeted  CompTlAs  A+  and 
Network-i-  certifications  because  many  ven¬ 
dors  support  them.  A+  is  appropriate  for 
techies  with  six  months  experience  and 
covers  a  range  of  hardware  and  software 
technologies,  while  Network-f  is  geared  at 
professionals  with  between  18  and  24 
months  of  experience. 

Tucker  stocked  up  on  New  Riders 
Publishing  training  manuals,  and  set  up  a 
test  lab  using  10  old  PCs.  With  help  from  a 
vendor,  the  employees/students  studied 
during  their  lunch  hours  three  times  a  week 
for  three  months.  All  the  students  prepared 
for  A+  certification,  and  five  also  studied  for 
Network-)-  at  the  same  time.  Ffeople  took 
turns  leading  the  class,  while  Tucker  and  the 
consultant  directed  the  study. 

The  training,  including  manuals  and  tests, 
averaged  $250  per  person,  plus  the  depart¬ 
ment  spent  about  $5,000  on  food  for  the 
study  sessions.  Most  people  failed  the  A+ 
exam  on  their  first  attempt,  but  they  perse¬ 
vered  and  eventually  passed. 

Tuckers  employees  have  improved  their 
problem-solving  skills,  and  staff  turnover 
has  been  reduced  to  less  than  5%.  Now  any¬ 


one  who  joins  the  department  must  be  cer¬ 
tified,  and  Baycrest  will  reimburse  employ¬ 
ees  who  successfully  complete  an  exam. 

DeWayne  Cusick,  director  of  professional 
services  and  support  at  Konica  Business 
Technologies  in  Windsor,  Conn.,  also  sup¬ 
ported  his  employees’  efforts  to  obtain  IT 
certification.  Konica  had  to  have  20  of  its  92 


time  they  thought  they’d  have  to  recertify 
for  Windows  2000  by  year-end  to  maintain 
active  certification.  Microsoft  since  dropped 
the  requirement  and  now  awards  separate 
designations  for  MCSE  Windows  NT  and 
Win  2000. 

Cusick  worked  with  training  provider  New 
Horizons  to  develop  a  boot  camp  that  con¬ 


densed  30  days 
of  training  into 
10  days,  with 
weekends  and 
nights  reserved 
for  studying.The 
students  were 
flown  in  from 
around  the 
country  to  New 
Horizon’s  train¬ 
ing  facility  in 
Windsor,  and 
trained  for  12  to 
14  hours  per 
day.  Students 
had  access  to  a 
test  lab  and  also 
built  a  practice 
network  at  their 
hotel. When  students  took  the  MCSE  exams 
at  the  end  of  training,  18  of  them  passed  the 
first  time. 

The  boot  camp  was  successful  because  of 
peer  synergy  Cusick  says.“Everyone  helped 
each  other.  Those  guys  knew  each  other, 
and  there  was  camaraderie  to  ensure  that 
everyone  passed,”  he  says. 

At  a  cost  of  $63,000  per  10  employees  for 
manuals,  training  and  exams,  Cusick  also  is 
happy  with  the  cost  savings.  Traditional 
training  would  have  cost  at  least  $9,000  per 
student. 

“Individual  classes  also  have  soft  costs 
associated  with  pulling  employees  out  of 
productive  work  for  seven-plus  weeks,  plus 
study  and  test  time  vs.  two  weeks  for  a  boot 
camp,”  he  adds.  “If  1  factor  in  our  soft  cost 
savings,  this  alone  actually  paid  for  air 
transportation  and  hotel  costs  to  keep  all 
Konica  employees  together  in  Windsor” 

Tom  Huskisson.a  manager  of  professional 
services  at  Konica, attended  one  of  the  boot 
camps.  As  a  Master  Certified  Novell  Engin¬ 
eer  (CNE),  he  has  taken  many  traditional 
classes  and  feared  that  boot  camps  would 
not  be  as  thorough. 

“The  boot  camp  far  exceeded  my  expec¬ 
tations.  I  wasn’t  sure  how  much  I  would  get 
out  of  it  in  the  short  time  frame,”  he  says.“But 
the  instructor  was  good  at  eliminating  the 
typical  fluff  and  hit  the  key  parts  of  the  cur 
riculum.  I  learned  more  than  I  expected.”  & 


More  online! 


If  you're  interested  in  helping  your 
employees  get  certified  on  a  range  of 
topics,  such  as  internetworking, 
network  storage  or  security,  visit 
NetSmart,  Network  World's  source  for 
IT  learning.  Choose  a  classroom,  online 
or  self-paced  learning  style  that  meets 
your  time  and  budget  requirements. 
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Eliminate  Dangerous 


Hot  Spots  in  Your  Racks 
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Introducing  APC's  New  NetworkAIR"  RM  Air  Distribution  Unit 


Visit  www.apc.com  to  see  APC's  complete  line  of  award-winning  power 
and  cooling  solutions. 


Benefits  of  APC's  Air  Distribution  Unit: 


As  heat  densities  continue  to  grow  at  an  alarming  rate,  the  traditional 
methods  of  distributing  air  in  a  computer  room  aren't  adequate  to  deliver 
the  necessary  airflow  required  to  cool  today's  data  center  environments. 


APC  presents  the  NetworkAIR  RM  Air  Distribution  Unit,  a  compact 
2U  rack-mounted  fan  unit  that  works  with  an  existing  precision  air 
conditioning  system  to  deliver  cool  air  to  the  equipment  contained  in 
a  rack  enclosure.  An  air  curtain  is  evenly  distributed  to  the  front  of  the 
enclosure  which  provides  consistent  temperatures  from  top  to  bottom. 


•  Increases  airflow  to  rack  equipment 

•  Works  in  both  raised  floor  and  non-raised  floor  environments 

•  Compact  2U  design 

•  Minimizes  air  mixing 

•  Helps  maintain  optimal  environment  for  high  reliability 

•  Improves  air  quality  through  30%  efficient  air  filtration 

(as  per  the  ASHRAE  52.1-1992  standard) 

•  Evenly  distributes  cool  air,  improving  air  circulation 
inside  the  rack 

•  Ensures  maximum  uptime  with  redundant,  dual,  independ¬ 
ently  controlled  blower  fans  and  A-B  power  input  feeds 

•  Fits  APC's  NetShelter®  VX  enclosure  or  other  19" 
EIA-310-D  enclosures  with  removable  bottom  plates 


The  compact  (2U)  Air 
Distribution  Unit  installs 
at  the  bottom  of  the  enclosure  and  sup¬ 
plies  an  air  curtain  to  the  intakes  of  equip¬ 
ment  located  within  the  enclosure,  evenly 
distributing  cool  conditioned  air  throughout. 


Legendary  Reliability' 


Enter  to  WIN  a  FREE  NetworkAIR™  RM  Air  Distribution  Unit 

Visit  APC's  Web  site  at:  http://pmm0.apc.com  Enter  Key  Code  f857y  Call  888-289-APCC  x6458  Fax  401-788-2797 
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RowerFax:  (800)  347-FAXX  •  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Ftoad.  West  Kingston.  Rl  02892  USA 
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All  Boson  Software,  Inc  study  guides,  practice  tests,  andior  materials  is  no!  sponsored  by.  endorsed  by  or  affiliated 
with  ISC2.  SANS,  Cisco  Systems,  Inc.,  PfoSotl,  Inc,  Check  Point.  Inc,  Citrbt,  Inc.  Miciosoft.  Inc.,  or  any  other  company. 
Boson.  Boson  Software.  Boson  Tranng.  Router  University.  RoulerU,  Router  Emulator.  RouterEMU.  RoulerSim.  Krang. 
OuizWare.  Network  Emulator  Network  Simulator,  boson  com,  Boson  Router  Simulator,  and  Router  Simulator,  are 
Trademarks  or  Registered  Trademarks  of  Boson  Software.  Inc  in  the  United  Stales  and  certain  other  countries. 

AN  other  trademarks  are  trademarks  o(  their  respective  owners  Copyright  2002  Boson  Software.  Inc 
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2001  ♦ 
KVM  Access 
over  IP 


1999 
KVM  Access 
over  Cat5 


1988 
KVM  Access 
over  Coax 


KVM  Access 
Over 
Web  Browser 


TM 


If  having  remote  access  to 
your  servers  over  IP  means 
installing  proprietary  software 
or  PCI  cards,  that's  not 
convenient,  anywhere,  anytime 
access.  Introducing  the  new, 
multi-port  TeleReach®. 


TeleReach  is  the  easiest,  most 
secure  way  for  one  or  more 
users  to  remotely  access  and 
manage  multiple  servers 
through  a  KVM  switch,  from 
any  PC  running  the  Internet 
Explorer®  4.0  browser. 


To  see  and  feel  the  power  of 
remote  KVM  access  over  Web 
browser,  call  Raritan  Sales  at 
(800)  724-8090  to  sign  up 
for  a  live  demo  from  your 
own  desktop. 


wvtfw.rarftan.com 


800-724-8090 

732-764-8886 


Ran  tan  and  TeleReach  ere 


Intelligent  KVM  Switch  Technology 
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Rose  Electronics 

10707  Stancliff  Rd. 
Houston,  Texas  77099 

281-933-7673 


800-333-9343 


WWW.ROSE.COM 


CANADA  .  ENGLAND  .  FRANCE  .  GERMANY  .  BENELUX  ,  AUSTRALIA  .  SINGAPORE 
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ELECTRONICS 


Carver  fli 


The  UltraLink  is  the  Rose  Electronics  answer  to 
Modem  and  Ethernet  remote  access! 

Server  access  over  IP  technology  allows  you  to 
access,  control  and  provide  computer 
maintenance  from  anywhere  in  the  world.  Whei 
combined  with  Rose  KVM  switch  technology, 
server  management  administrators  can  have 
faster  access  saving  time  and  money. 


With  dial-in,  dial-back  security  and  high- 
resolution  quad  screen  and  SSL  encryption,  the 
UltraLink  raises  the  KVM  industry  bar  in  remote 
server  access. 


A  KVM  industry  pioneer,  Rose  Electronics  is 
recognized  for  superior  KVM  switch  technology. 
Product  integrity,  simplicity,  and  reliability  are 
the  hallmarks  of  all  Rose  products. 

Call  Rose  to  learn  more  about  remote  server 
management  today. 
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ICSA  Certified 
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System  Software 
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Features  include: 

•  High  Performance 

•  Built-in  IPsec  VPN 

•  Stateful  Packet  Inspection 

•  Dynamic  &  Static  NAT 

•  PPP  and  PPPoE  Support 

•  DHCP  Services 

•  DNS  Server 

•  Mobile  VPN  Client  Support 

•  Content  Filtering 

•  Gigabit  Ethernet 

•  Secure  Remote  Management 

•  Email  Proxy 


Sales:  (800)  775-4GTA 
>1.  (407)  380-0220 
Email:  info@gta.com 
Wet;:  http://www.gta.com 
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Firewall  Appliances 


RoBoX  Firewall 

Remote  office/branch  office  versatile  firewall 
appliance  for  offices  with  fewer  users. 


GB-1000  Firewall/VPN  Appliance 

High  performance,  firewall  with  unlimited  user 
license,  IPSec  VPN  and  High  Availably  feature. 


Firewall  Software  Systems 


GB-  Flash 

All  the  power  and  functionality  of  the  GB-1000  on  an  easy  to 
install,  solid-state  flash  memory  module. 

GNAT  Box  Pro 

Simple,  powerful,  high  value  firewall  that  runs  and  boots  from  a 
floppy  diskette  on  a  486  CPU  (or  higher)  and  16MB  of  RAM 


Global  Technology  Associates,  Inc. 

Firewall  developers  since  1 994 
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COMPLETE  KVM  CONTROL  VIA  TCP/IP 
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Remote  Client 


K  s  i/e m  s n 


Servers 


Available  in  single  and  eight  channel  versions 


CONTROL  KEYBOARD.  VIDEO  AND  MOUSE  REGARDLESS  OF  LOCATION 

With  the  Kaveman  networking  device,  you  can  remotely  control  servers,  either  over 
the  Internet  or  a  local  network,  down  to  the  BIOS  level. 

ACCESS  SERVERS  USING  A  WEB  BROWSER  OR  VNC 

All  you  need  to  operate  Kaveman  is  a  web  browser  or  VNC  on  the  remote  client.  No 
additional  software  is  required.  And  no  software/users  licenses  help  keep  your  costs 
down. 

REMOTELY  CONTROL  POWER 

Through  the  user-friendly  Kaveman  GUI,  you  can  control  the  power  of  up  to  eight 
devices. 


AUTOMATICALLY  MONITOR  SERVER  ACTIVITY 

Kaveman  automatically  monitors  critical  server  vitals  such  as  power,  video,  and 
keyboard  response;  it  alerts  you  to  crashes  and  enables  you  to  quickly  respond  to 
problems. 


The  Engine  of  Innovation 
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Resellers  and  Distributors  Welcome 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


Observer 
$ 995 


Expert 
Observer 
* 2895 


Observer 
Suite 
$ 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 
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Need  A  Reliable  Rack  Modem? 

Convenient  Dial-Up  Access  to  Your  Equipment  Bays 


•  Remotely  Configurable 

•  AC  and  -48V  DC  Power  Options 

•  Internal  Filtered  and  Surge  Protected  Power  Supply 

•  Powers  Up  to  Specified  Answer  Rings  and  Baud  Rate 

•  Standard  “AT”  33.6  Kbps  Modem 


Defux 


Password/Dial  Back  Modem  (SRM) 


Local  RS232  Console  Port  33.6  Kbps  Modem 


•  Up  to  100  Individual  Passwords 

•  Audit  Trail  Log  with  Time/Date  Stamp 

•  Remotely  Configurable 

•  Standard  “AT”  33.6  Kbps  Modem 

•  19”  or  23”  Rack  Options  nebs  Approved 


□ 

□ _ WWW.Wti.com _ (800)  854-7226 

western  telematic  incorporated  Keeping  the  Net.. .Working! 

5  Sterling  •  Irvine  •  California  •  92618-2517 


instantly  Search  Gigabytes  of  Text 


dt  Search 


"Superb  ...  a  multitude 
of  high-end  features" 

—  PC  Magazine 

"Very  powerful  ...  a 
staggering  number  of 
ways  to  search" 

—  Windows  Magazine 

"A  powerful  text  mining 
engine  ...  effective 
because  of  the  level  of 
intelligence  it  displays" 

—  PC  Al 

"Impressive" 

—  PC  Magazine  Online 

"A  tremendously 
powerful  and  capable 
text  search  engine" 

—  Visual  Developer 

"Intuitive  and  austere  ... 
a  superb  search  tool" 

—  PC  World 


The  Smart  Choice  for 
Text  Retrieval®  since  1991 

Fast,  precision  searching 

♦  over  two  dozen  text  search 
options 

♦  indexed,  unindexed,  fielded 
and  full-text  searching 

Organization-wide 

reach 

♦  highlights  hits  in 
HTML  and  PDF 
while  keeping 
embedded  links 
and  images  intact 

♦  converts  other  file 
types  —  word 
processor,  database, 
spreadsheet,  email,  ZIP, 

XML,  Unicode,  etc.  —  to 
HTML  for  display  with 
highlighted  hits 

1-800-IT-FINDS 
www.  dtsearch.  com 

sales@dtsearch.com 


Network 

Search  the 
many  forms  of 
,jW,fLrt]^mr 
itr ci  large 
mterprise 
network 
♦  irom  $ 800 


Spider 

Spider  and 
search  Web 
.sitesfr*.  included! 
with  all  products 


Web 

Add  instant 
searching  to 
your  site 

5 999  per  server 


Desktop 

Find  anything, 
anywhere, 
instantly  ♦  $199 


Publish 

Publish  a  searchable 
database  to 
CD.  DVD 

♦  from  $2, 5 00 


The  dtSearch 
product  line 
instantly  searches 
gigabytes  of  text 
across  a  desktop, 
network,  Internet 
or  Intranet  site. 


Text  Retrieval 
Engine 

Add  power 
searching  to 
a  product 

♦  extensive 
sample  source 
code  in  multiple 
programming 
languages' 

♦  from  $999 


Visit  www.dtsearch.com 
for  30-day  evaluations 


dtSearch  products 
also  serve  as 
tools  for 
publishing,  with 
instant  searching, 
large  document 
collections  to 
Web  sites  or 
CD/DVDs. 
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The  Hub  of  the  Hetwork  Buy 
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Network  Flow  Analyzer 


•  An  Easy-To-Use  Network  Viewing  Tool 

•  Email  •  Database  *VoIP  •Web 

•  Identifies  Problems  Causing  Slow  Downs 

•  Monitors  Applications;  Network  Devices, 
and  Network  Traffic 

•  Affordable  AjJiiikllA 


Free  Download! 

www.AppDancer.com 


BEST  OF  INTEROP 


NETW<  RLDINTEROP 


o 


CMP  MBUnmiEEK  RETIMES 


Call  Toll  Free 
800.82S.7563 


A  ppPancer 


N  e  t  w  o 


k  s 


AppDancer  Networks,  Inc. 

1 000  Holcomb  Woods  Parkway 
Suite  426 

Roswell,  GA  30076-2585  USA 

email  info@AppDancer.com 

telephone  770.643.6800  USA 
web  www.AppDancer.com 


Cisco 


Routers 

Switches 

Hubs 

Voice  Over  IP 

Memory 

Security 

Interface  Modules 
Port  Adapters 
Wireless 


World  Data  Products  introduces  its  new  Cisco 
Router  and  Switch  poster.  It  provides  at-a-glance 
information  on  model  capacities,  interface  cards 
and  available  features. 

The  Cisco  Poster  is  a 

—  1  '">Kn.r~Z 


valuable  tool  for 
network  planning. 
Call  877.231.2451  or 
visit  www.wdpi.com 
to  request  your 
FREE  Cisco  Router 
and  Switch  poster. 


WSW&bf/ 

■ 
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DATA  PRODUCTS 


Buy  •  Sell  •  Lease  •  Repair  •  New  •  Refurbished  •  Used 

www.wdpi.com  •  877.231.2451  •  cisco@wdpi.com 


121  Cheshire  Lane,  Minnetonka,  MN  55305  U.S.A. 


Dial  Access  Solutions 


Compare:f  oryourself 

Dial  Access  at  its  best! 

Equinox  Multi-modem  Adapters 
provide  up  to  44%  savings  over  the 
leading  competitors  of  similar  products. 


SST-MM8P  PCI 

I 

Fax  server 
Dial  access 
Data  collection 
Modem  pooling 
Internet  access 


TTy  before  you  buy!  Modem  pooling 

Call  1  -800-275-3500,  ext.  61 5  Internet  access 

for  a  FREE  30-day  evaluation! 
or  email:  sales@equinox.com 

For  more  infomation  on  Equinox  products  visit  our  website  at  -  www.equinox.com 


an  Avocent  Company 
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Contact  these  companies  today  to  help  you  with  your  training  needs! 


Boson  Training  ^ 

(813)  925-0700 
www.bosontraining.com 
CCIE,  CCNP,  CSS1,  CCNA,  Cisco, 
wireless,  CISSP 

_ 

PMG  NetAnalyst 

(800)  645-8486 
www.NetworkTraining.com 
Network  Forensic  Analysis  and 
Security  Training  and  Services 

Infinity  I/O 

(800)  990-0955 
|  www.infinityio.com 
Fibre  Channel  &  SAN  Training 
I  &  Certification 


Learnkey  Inc.  ^ 

(800)  865-0165 
I  www.learnkey.com 
Self-paced  online  CD  network 
certification  developer  bus/apps 


.v  ...  A-T  ; 
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nets 

(800)  828-2050 
I  www.wavetech.com 
IT  Certification  Boot  Camps  with 
Guaranteed  Success 

— - 


George  Washington  Ifniv 

(202)  973-1175 
www.cpd.gwu.com 
|  Oracle  DBA  Cisco  CCNA  Java 
wireless  networks 
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NetSmart  Learnin 


— - - 


■Network  World's 


Kwonu  s 

arketPlace 


CISCO 


.451.3407 


Routers 
Switches 
Interface  Modules 
Access  Servers 
Accessories 


www.networkhardwar€.com 

^  BUY  ONLINE 


NETWORK  HARDWARE  RESALE 


fl 
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The  Hub  of  the  Hetwork  Buy 


Smartronix 


Network 
Test  Tool 

s699 

10/100  Ethernet  LAN  Tester 

Design  Engineers: 

Evaluate  &  test  new 
equipment  under 
development 
Network  Engineers: 

Determine  faulty 
NIC  cards,  wiring,  & 
network  equipment 

►  Displays  network  utilization,  packets 
&  statistics 

►  Captures  &  generates  various  error 
packets 

►  Network  load  testing  function 

►  Full  auto  negotiation  half/full  duplex 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


(Palm  handheld 
included) 


Extend  the  life  of  your 

Networking 

N 


Your  Alternative  to  factory  New  products 


A-1  Quality  Pre-Owned  Tested  Equipment 
50-85%  Savings  off  List  Prices 
120-Day  Limited  Warranty 
100%  30  Day-Money  Back  Guarantee 
Large  Inventory,  Same  day  Shipping 
Extended  Warranties  Available 
Professional  Quality  Packaging 


Request  a  Quote  on-line  at: 
www.bizint.com 
e-mail:  info@bizint.com 

(877)  438-2494 

or  (315)  458-9606 


Your  global  alternative 
to  factory  new  products 

We  Buy,  Sell,  Trade  and  Lease. 


CISCO.  EXTREME.  JUNIPER.  BAY/NORTEL.  3COM.  FOUNDRY.  CABLETRON 


Buy,  Sell  or  Announce 

Network  Products 
and  Services  with 
Network  World's  Marketplace 
Call  800-622-1108  ext.  6507 


■■Moil 


LIQUIDATION  !!!  New,  Refurb,  Used. 

BAY/NORTEL  NETWORKS,  3 
LUCENT/AVAYA 

$  90  %  Off  List  Price  Guarantee 
$  Over  2000  items  in  stock 
$  Same  Day  Shipping 
at  no  extra  cost  $  Baystack  asn  base  unit  32m  (af0002009)-  $250 

$  Quad  port  synch.  fre2-040  16mb  ili  (74008-16)-  $800 
$  Adapteon  5399  dual  wan  (pri  or  channelized  tl) 
(888)410-2822  remote  access  concentrator  (cxl004e39)  -  $750 

Email:  eric@seniornetworks.com  http://www.seniornetworks.com 


^LOGICS, 


NORTEL  NETWORKS 
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Why  Are  We  The  Best? 


•  Nortel  Service  Contracts 
■  Nonel  Service  Renewals 


■  Free  Technical  Support 
'  Next-Day  Hardware 
Replacement 


•  Good  As  New  Gear, 

Same  as  New  Warranty 
-  of  Better  Than  New  Prices 


Refurbished  Specials: 


j  ASN/2-32mb  Refurbished  Advanced  Stack  Node  Bundle 

j  Indudes  AF0002El}-32mb  Redundant  Base  Unit 
|  lx  54000  Dual  Ethernet  lx  AF21 11005  Quad  Sync 
\  i  v  AA001 1004  Fast  Packet  Cache,  lx  AT2104013  128  bit  Compression  Module 


Special  $2,995 


[  Haystack  J5C1  HO  (AL2012£t0)  24  Port  f0/100  switch 

j  Mwtastrcd  C*ad(S  may  vary  "A"  Grade  sale  price  $350.00 

J  BaySUck  4W-241  (A12012E141  24  Port  t0/100  Stackable 

:  Backbone  1. outer  Speciai-AG  1004005 
i  Refurb  lot  tadjdes  Owe  jf*t  with  the  fas!  FM2-060-64mb 


As  Low  As  $150 

Special  $895 
Special  $3,249 


Pont  war  ■.-.a?  Try  our  low  prices  on  new!  Call  Today! 


1*0*  c. 
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ANWAN 

(838-852-6926)  - 

Notional  LAN  Exchange  •  WWW.nle.com 


.  1 


Products 


— 


purchased  as 


a 


result  of 


Marketplace,  ads. 


Y'  Hubs 
Y'  Routers 
S  Software, 
training 
Y'  Memory 
products 
S  Ethernet 
Cards 

Y'  Netware, 
products 
S  Modems 


Systems/Featwes/Memory 


Also  Available:  wellfleet,  Bay,  Fore, 
Xyloglcs,  Livingston,  &  Ascend 

in  Stock  •  Fast  Delivery  •  NO  Expedite  Charges 


COMSTAR,  INC. 

The  »1  Network  Remarketer 

952*835*5502 

Fax  952*835#1927  E-Mail  salesecomstarinc  com 


Increase  Your  Exposure  with 

NetworikWorld's 

Response  Cards! 

Issue  Date:  September  9 
Ad  Close:  August  9 


iruivii 


See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  goods.  Gifts 
Pens.  Clocks.  Lighters.  Games 

www.suitcase.com 


Marketplace  and 
watch  your  sales 
come  pouring  in! 


Call  Direct  Response 
Advertising 
1-800-622-1108 

_ 


Tel:  408.727.1122 
Fax:  408.727.8002 

34-3  1  DE  LA  CRUZ  BLVO. 
WWW.RECURRENT.COM 


EeCZMReftjt 

technologies,  inc. 
SANTA  CLARA,  CA  95054 
INFQ@RECURRENT.CDM 


© 


careers.com 


IT  CAREERS 


Q  careers 


Software  Engineer 

SchlumbergerSema  is  seeking 
a  Software  Engineer  for  our 
office  in  the  Atlanta,  Georgia 
area  for  design,  analysis,  imple¬ 
mentation,  documentation,  testing, 
debugging  and  maintenance  of 
object-onented  applications  using 
C++,  Java  and  Perl  on  Windows 
and  Unix  workstations;  object 
oriented  modeling  using  UML 
and  the  Rational  Unified  Process; 
database  management  using 
ObjectStore  and  Oracle;  use  of 
profiling  tools  and  source  code 
versioning  tools  and  software. 
Requires:  Master's  degree  in 
engineering  or  a  computer-relat¬ 
ed  discipline  and  one  year  of 
industry  experience  in  software 
design.  Please  send  resume 
to:  SchlumbergerSema,  Attn: 
Personnel  Dept.  #RM/04.  75 
Shoreway  Road,  San  Carlos, 
CA  94070.  See  our  website  at 
www.slb.com.  E.O.E. 


Software  Engineers  needed: 
Design,  test,  install  and  configure 
software  systems.  Build  client 
server  applications.  Work  with  3 
of  the  following  SQL  Server, 
Java,  Silver  Stream  or  Visual  Fox 
Pro.  Requires  BS  degree  or 
equivalent  and/or  relevant  work 
experience.  Mail  resume,  refer¬ 
ences  and  salary  requirements 
to:  Ruscomp,  Inc.,  12765  W. 
Forest  Hill  Blvd.,  Wellington,  FL 
33414. 


Software  Engineers  (multiple 
positions)  sought  by  computer 
s/w  consultancy  firm  in  Columbia, 
MD.  Must  have  Bach  in  Comp 
Sci„  Engg  or  equiv  and  one  yr 
relevant  exp.  Respond  to:  HR 
Dept,  S&S  Business  Systems, 
Inc.,  100150ld  Columbia  Road, 
Suite  B-215,  Columbia,  MD 
21046. 


Prog/Analysts  to  analyze,  design, 
develop  enterprise  level  scientific 
appls  using  Java,  J2EE,  HTML, 
JMS,  JDBC,  Servlets,  Oracle, 
ASP,  SQL  Server,  and  Windows 
NT/2000,  UNIX  OS;  perform 
weblogic  server  admin;  conduct 
user  requirement/feasibility  stud¬ 
ies,  systems  analysis,  database 
design,  coding,  implementation, 
documentation,  maintenance, 
support,  unit  and  system  testing 
of  complex  scientific  systems 
and  applications.  Require  BS  or 
foreign  equiv  in  CS  or  Engg  (any 
branch)  with  2  yrs  exp  in  IT.  High 
salaries.  F/T  positions.  Travel  to 
client  sites  within  the  US.  Re¬ 
sumes  to  Salem  Associates,  Inc. 
7074  Peachtree  Industrial  Blvd, 
Suite  210,  Norcross,  GA  30071 . 


Computer  Systems  Analyst 
wanted  for  the  design  and  de¬ 
velopment  of  computer  software 
systems  and  coordination  of 
database  development  as  part  of 
a  project  team,  applying  know- 
eldge  of  computer  science,  sci¬ 
ence,  and  engineeering;  review¬ 
ing  project  request  to  determine 
client  needs;  determine  if  project 
requires  creating  series  of  new 
programs  or  modifying  existing 
programs;  implement  and  test 
system.  40  hrs./week.  8am  to 
5pm;  $  64,400  per  year;  Must 
possess  Master's  Degree  in  En¬ 
gineering,  Computer  Applica¬ 
tions, Computer  Science  or  Sci¬ 
ence;  Must  possess  two  years  of 
experience  in  job  offered  or  as 
Systems  Analyst  Employer  Paid 
Ad  Please  send  resumes  to 
MCDC/ESA,  P.O.  Box  11170, 
Detroit,  Michigan  48202.  Refer¬ 
ence  No.  202114. 


SYSTEMS  ANALYST/FINAN¬ 
CIAL  ADMINISTRATOR  to  de¬ 
sign,  develop,  test,  support  & 
maintain  computer  systems  to 
administer  company  payroll, 
time  records  and  benefits;  Main¬ 
tain  documentation  of  all  finan¬ 
cial  transactions  so  as  to  provide 
pertinent  financial  info,  to  tax  and 
corporate  accountants.  Require: 
Bachelor's  degree  (or  foreign 
equivalent)  in  Mgt.  Info.  Systems, 
Comp.  Info.  Systems,  or  a  close¬ 
ly  related  field,  with  2  years  of  ex¬ 
perience  in  the  job  offered  or  as 
a  Systems/Business  Analyst. 
Competitive  salary  &  benefits. 
8a-5p,  M-F.  Send  resume  to: 
David  G.  Venters,  P.E.,  Presi¬ 
dent,  Eproject.Net,  Inc.,  5711 
Richard  St„  Suite  1A-2,  Jack¬ 
sonville,  FL  32216  (No  Phone 
Calls  Please) 


S/W  Engineers  to  manage 
teams  to  analyze,  design,  develop 
and  support  applications  on 
COBOL,  C,  C++,  VB,  Oracle,  MS 
SQL  Server.  SQL,  EGRET,  EPI- 
INFO  etc  under  UNIX  and  Win¬ 
dows  OS;  design  and  develop 
object  oriented  e-commerce 
applications  using  J2EE  archi¬ 
tecture,  Java,  XML,  Servlets, 
EJB  and  JSP,  enhance  and 
maintain  online  and  batch  appli¬ 
cations;  evaluate  team  members 
and  guide  team  by  providing 
methodologies  to  be  followed; 
interact  with  the  clients.  Require 
M.S  in  CS/Science  /  Engg  (any 
branch)  with  3  years  exp.  B.S.  or 
foreign  equiv  with  cone  in  any 
of  the  above  with  5  years  of 
relevant  progressive  exp  will  also 
be  accepted.  Highly  paid  position. 
Travel  involved  to  client  sites. 
Resume  to  Salem  Associates, 
Inc.  7074  Peachtree  Industrial 
Blvd,  Suite  210,  Norcross,  GA 
30071 . 


Programmer  Analyst-  2  posi¬ 
tions:  Analyze  user  require¬ 
ments,  procedures  &  problems 
to  automate  processing  &  re¬ 
ports,  identify  problems  &  modi¬ 
fy  coding.  Use  C  +  +,  C,  Java  and 
OOP.  Design,  dev.  and  imple¬ 
ment  Intranet  and  internet  based 
applications.  Dev.  API/Middle- 
ware  for  various  Oracle  based 
applications.  Req.  BS/BBA  in 
CS  /Accounting  OR  functional 
equiv.  plus  2  years  of  experi¬ 
ence.  Please  send  resume  to 
Orient  Inc.  C/O  Hampton  Inn, 
153  Hampton  Ct„  Commerce, 
GA  30529. 


Web  Administrator-  Design,  de¬ 
ploy,  support,  &  troubleshoot 
servers.  Install  &  configure  web 
applications.  Design,  validate, 
enable,  &  implement  web  hosting 
service  projects.  Must  have  a 
Bach. Deg.  in  Comp.  Science, 
Eng'g,  or  related  discipline, 2  yrs. 
exp.  in  the  job  offered  or  as  a 
Systems  Engineer  or  Systems 
Administrator,  &  exp.  with 
WindowsNT,  SQL,  &  Unix.  Send 
resume  to:  Rich  FX,  1450 
Broadway  18th  Floor,  New  York, 
NY  10018.  Attn:  Harry  Plonskier 


Computer  Science  Instructor 
sought  by  Sullivan  Colleges 
System  at  its  Louisville,  KY 
campus  to  teach  multiple  courses 
in  the  Computer  Science  De¬ 
partment.  Bachelor's  degree  in 
Computer  Science  or  related 
field  required.  At  least  one  year 
related  teaching  experience  re¬ 
quired.  Send  resume  to  V.  God¬ 
win,  Sullivan  Colleges  System, 
3101  Bardstown  Road, 
Louisville,  KY  40205. 


Computer  Programmer  who  will 
plan,  develop,  document  and 
assure  quality  of  computer  pro¬ 
grams  and  systems  using  working 
knowledge  of  RUP  methodology 
using  Rational  Suite  (Rose 
200e,  Clear  Quest,  ClearCase, 
Requisite  Pro,  SoDA),  EDI,  IDX, 
RTI,  Webforms,  WebMethods, 
Datatect,  Quest  TOAD,  JUnit, 
JBLITZ,  Real  Validator,  Load 
Runner,  Win  Runner  and  SQL. 
Will  work  on  Palm  OS,  RPT, 
RPGILE,  CL,  S/360-390,  AS/ 
400,  Sun  Solaris.  Novel  Netware 
and  Windows  NT/95/2000/XP. 
Applicant  must  have  at  least  two 
years  work  experience  as  a 
Computer  Programmer.  Appli¬ 
cant  must  have  extensive  expe¬ 
rience  using  Rational  Suite  (Rose 
200e,  Clear  Quest,  ClearCase, 
Requisite  Pro,  SoDA),  Quest 
TOAD,  Palm  OS,  Datatect,  JBIitz, 
JUnit,  Real  Validator,  SQR,  Load 
Runner,  Win  Runner,  EDI,  IDX, 
RTI,  Webforms,  WebMethods, 
ILERPG,  Sun  OS  and  Java 
Load/Star/Spec/Scope.  Work 
involves  extensive  travel  and 
frequent  relocation,  $66,500/ 
year,  40  hours/week,  9:00am- 
5:00pm.  Send  resume,  listing 
Job  Order  Number  WEB  244532, 
to  Fayette  County  Team  PA 
CareerLink,  ATTN:  JS  Supervisor, 
32  Iowa  Street,  Uniontown,  PA 
15401-3513. 


Computer  Programmer  II  to 

code,  test,  and  debug  applica¬ 
tion  programs  using  Java/J2EE, 
SQL,  XML,  DHTML,  JSP  and 
Java  Script;  and  to  program  EJB 
using  Java  with  J2EE  specifica¬ 
tions,  and  program  PL/SQL 
packages  and  JDBC  queries  in 
Oracle  database,  and  create 
web  interface  with  DHTML,  JSP 
and  JavaScript.  Must  have  a 
Master's  degree  in  Computer 
Science,  Engineering  or  a  related 
field  and  proficiency  in  Java, 
SQL,  XML.  40  hrs/wk.  Send 
resume  to  James  Cappola, 
E-Certify,  3025  Windward 
Plaza,  Suite  200,  Alpharetta,  GA 
30005.  Ref.  Code:  GA-ZW. 


SOFTWARE  ENGINEER: 

Research,  design  and  develop¬ 
ment  of  computer  software  sys¬ 
tems,  in  conjunction  with  hard¬ 
ware  product  development, 
applying  principles  and  tech¬ 
niques  of  computer  science, 
engineering  and  mathematical 
analyses;  analyses  of  software 
requirements  to  determine  feasi¬ 
bility  of  design  within  time  and 
cost  constraints;  consults  with 
hardware  engineers  and  other 
engineering  staff  to  evaluate 
interface  between  hardware  and 
software  and  operational  and 
performance  requirements  of 
overall  system;  formulates  and 
designs  software  system,  using 
scientific  analysis  and  mathe¬ 
matical  models  to  predict  and 
measure  outcome  and  conse¬ 
quences  of  design;  develops 
and  directs  software  system 
testing  procedures,  program¬ 
ming,  and  documentation;  con¬ 
sults  with  customer  concerning 
maintenance  of  software  sys¬ 
tem;  coordinates  installation  of 
software  system.  Requires 
Bachelor  Degree  in  Computer 
Science,  Engineering  or  a  related 
field.  Work  40  hours  per  week,  M- 
F,  8-5.  Position  available  in 
Charlotte,  NC.  Send  Resumes 
to  Dana  Chappell-Stephens, 
WebTone  Technologies,  Inc., 
3390  Peachtree  Road  #600, 
Atlanta,  GA  30326 


Systems  Analyst:  Dev.  Systems 
for  tech,  app.;  Program  in 
FoxPro, VB,  Clipper,  MS 
Access,  MS  SQL  Server, 
Informix  DB,  System  integration 
between  PC  &  AS/400,  Using 
Cobol,  RPG/400,  C/A,  DB/2 
knowledge  of  Windows  9X,  NT, 
XP,  2000,  Novell  Netware.  5250 
emul,  experience  in  Drivers 
scheduling,  manufacturing  sys¬ 
tems.  Req.  planning,  evaluation, 
and  develop  user  requests  for 
new,  modified  existing  programs 
using  programming  techniques 
&  computer  expertise,  increasing 
operating  efficiency  or  adapting 
to  new  req.,  oversee  inst.  of 
HW  &  SW,  monitor  programs 
performance  SP,  5  yrs  exp.  in  job 
offered.  Fax  305-819-1510. 


Senior  Programmer  Analyst, 
Messaging  Services,  position  re¬ 
quires  project  management 
skills,  gathering  requirements, 
analysis,  design,  coding,  testing, 
implementation,  and  mainte¬ 
nance  of  MQ  Series  COBOL 
programs.  Provide  client  support 
and  assume  on-call  responsibil¬ 
ities  with  minimal  or  no  supervi¬ 
sion  to  support  Messaging  Ser¬ 
vice  systems.  Assist  junior 
programmers  in  becoming  more 
active  participants  in  mainte¬ 
nance  functions.  Must  have  at 
least  five  (5)  years  of  experience 
with  IBM  mainframe  program¬ 
ming  in  a  senior  level  capacity, 
during  which  the  following  skills 
were  regularly  used:  COBOL  II, 
DB2,  IMS  DB,  CICS,  VSAM, 
SQL/DS,  JCL,  TSO,  SYNC- 
SORT,  FILE-AID,  ENDEVOR, 
WIN  NT/2000  including  two  (2) 
years  experience  in  credit  card 
processing  and  one  (1)  year  of 
experience  in  conversions  and 
TSYS  TS2  processing. 

Hours:  8:30  a.m.  to  5:30  p.m. 
Monday  -  Friday.  Salary: 
$59,518  per  year.  Must  have  in¬ 
definite  right  to  work  in  U.S. 
Send  resume  demonstrating  all 
requirements  to  TSYS.  Attn: 
Elizabeth  Bennett,  1000  -  5th 
Avenue,  Columbus,  Georgia 
31901 


Software  Engineers  needed. 
BEC  Consultants,  Inc.  is  seek¬ 
ing  qual.  candidates  possessing 
BS  or  equiv.  in  Comp.  Sci.  or 
related  &  5  yrs.  relevant  work 
exp.  Design  &  build  interfaces 
from  web  to  databases.  Exp. 
must  include  2yrs.  working  with 
IDMS.  Must  be  willing  to  travel 
&  relocate  as  required  through¬ 
out  the  US.  Mail  resume,  refer¬ 
ences  &  transcripts  to:  BEC 
Consultants,  Inc.,  Attn:  HR  633 
Post  St.,  #340,  San  Francisco, 
CA  94109. 


Systems  Analysts  to : 

--Analyze,  design,  test  client 
server  appls  using  ASP,  VB, 
HTML,  COM,  DCOM,  XML,  SQL 
Server  etc  under  UNIX/Windows 
OS;  identify  and  implement  in¬ 
dustry's  current  'best  practices'; 
set  up  development  environments, 
identify  and  resolve  issues;  trou¬ 
bleshoot  appls  and  prepare  doc¬ 
umentation. 

-Analyze,  design,  develop  and 
support  client/server  appls  using 
PB,  Sybase,  Oracle  and  MS 
SQL  Server  on  Windows/UNIX 
OS;  evaluate  user  requests  for 
enhancements  to  existing  pro¬ 
grams  and  create  new  pro¬ 
grams;  participate  in  project  de¬ 
velopment  including  writing  req 
design,  proto  typing,  coding  and 
unit  testing.  Require  Bachelor's 
degree  or  foreign  equiv  in  CS, 
Business  Admin,  Engg  (any 
branch)  or  related  field  with  2  yrs 
exp  in  IT.  Highly  competitive 
salaries.  Travel  involved  to  client 
sites.  Resumes:  Synergy  America, 
Inc,  1565  Woodington  Circle, 
Suite  101,  Lawrenceville,  GA 
30044. 


Enhance  your  career  possibilities 
with  ALLTEL  Information  Services, 
Inc.  We  currently  have  an  opening 
for  a  Programming  Supervisor  in 
San  Diego,  CA.  Resp.  include 
managing  design,  development, 
testing,  documentation  and 
analysis  of  ACBS  software 
systems  in  the  AS/400  environ¬ 
ment.  Qualified  individuals  must 
have  appropriate  degree  and 
relevant  experience  including.  2 
yrs.  of  exp  with  ACBS  software. 
Please  fax  or  send  resume  with 
references  to  Doug  Opdycke  at 
ALLTEL  Information  Services, 
12250  El  Camino  Real,  Ste  140, 
San  Diego,  CA  92130;  Fax:  858- 
793-3026. 
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It’s  like,  having 
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The  hottest  job  leads  you  can’t 
find  anywhere  else  are  all  right 
here.  That’s  because  Dice  is  all 
tech  jobs,  all  the  time.  Get  the 
inside  track  on  the  best  tech 
jobs.  Go  to  dice.com  today. 
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Programmer  Analyst  -  Design, 
develop,  test,  and  implement 
application  software  systems. 
Work  environments  include  Oracle 
database,  C++,  PL/SQL,  Java, 
Developer  2000,  Informix,  SQL 
Server,  Unix,  Windows  NT,  and 
Peoplesoft  packages,  People- 
soft  HR  Management,  and  Peo¬ 
plesoft  Financial.  Reqs:  Bache¬ 
lor's  degree  or  its  foreign 
equivalent  degree  in  Science  or 
Engineering  and  2  years  experi¬ 
ence  in  the  job  offered  or  in  a  re¬ 
lated  occupation  as  a  Software 
Engineer,  Computer  Program¬ 
mer,  ERP  Consultant,  or  People- 
soft  Consultant.  Will  accept  3 
years  college  education  in  Sci¬ 
ence  or  Engineering  plus  3  years 
experience  in  the  job  offered  or 
in  a  related  occupation  in  lieu  of 
the  requirement  of  a  Bachelor's 
degree  and  2  years  experience. 
Must  have  6  months  experience 
with  Peoplesoft  Financial,  Peo¬ 
plesoft  HR  Management,  Oracle 
Database.  PL/SQL,  and  Informix. 
$66, 828.70/year,  40  hrs/wk,  8a- 
5p,  M-F.  Job  location:  various 
unanticipated  locations  through¬ 
out  the  U.S.  but  most  of  the  time 
in  Pennsylvania.  Mail  resume  to 
JS  Supervisor,  Greene  County 
Team  PA  Career  Link,  4  West 
High  Street,  Waynesburg,  PA 
15370-1324,  and  refer  to  refer¬ 
ence  number  WEB  252772. 


System  Analysts  (multiple  posi¬ 
tions)  sought  by  computer  s/w 
consultancy  firm  in  San  Jose, 
CA.  Must  have  Bach  in  Comp 
Sci.,  Engg  or  equiv  and  one  yr 
relevant  exp.  Respond  to:  HR 
Dept,  Yash  Solutions,  Inc,  1233 
Hazlett  Ct,  San  Jose,  CA  951 31 . 


Computer,  Info  Systems  (Asst 
Mgr)--Maintain,  develop  &  im¬ 
plement  new  programs  for  Acctg 
Dept  that  consists  of  computa¬ 
tional  engines  &  client  software. 
Maintain  &  support  distributed 
database  for  finan  apps  that 
contains  descriptions  of  more 
than  20,000  different  finan 
instruments  &  requires  50-200 
security  updates  daily.  Program/ 
test/fine  tune  software  in  various 
environments.  Develop/maintain 
communications  software  for 
client-server  &  distributed  apps 
using  Sybase  as  it  relates  to 
SQL  servers  &  Jaguar  CTS. 
Design/develop/support  inter¬ 
faces  for  finan  apps  &  graphical 
interfaces  using  PowerBuilder  & 
PowerJ  dev  tools.  Req  Bach 
or  foreign  equiv  in  Comp  Sci, 
Engin,  or  Math  +  2  yrs  exp  in  job 
or  2  yrs  exp  as  client/server 
developer  or  programmer/analyst. 
Related  exp  must  include 
Sybase  as  it  relates  to  SQL  serv¬ 
er,  Jaguar  CTS,  PowerBuilder  & 
PowerJ.  M-F  8-5  p.m.  Resumes 
to  Paloma  Partners  Manage¬ 
ment  Co.,  Attn:  Michael  Berner  - 
Exec  VP,  2  American  Lane, 
Greenwich,  CT  06836. 


Senior  Mechanical  Engineer 

Design  &  develop  cable  and 
connector  products  based  on 
USB  &  IEEE1394 Technology  by 
using  AutoCAD  and  Soildworks 
software;  supervise  &  monitor 
the  QA  &  RMA  process  to  support 
the  production,  sales  and  mar¬ 
keting  personnel  on  technical 
specification  &  custom  projects. 
BS  in  Mechanical  Engineering 
plus  5  yrs  exp.  in  the  job  offered. 
Send  resume  to  President  Sam 
Liu,  Newnex  Technology  Corp, 
1 1 90  T  Miraioma  Way,  Sunnyvale, 
CA  54035. 
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NETWORK  ANALYST 

West  Suburban  Chicagoland 
area.  40  hours  per  week;  no 
overtime;  9:00  A.M  to  5:00  P.M. 

,  $82, 430/year;  Shall  design  and 
implement  LAN/WAN  Network 
systems.  Install,  support  and 
troubleshoot  Windows  NT/2000 
servers  using  DNS.  DHCP.  WINS 
and  Dynamic  DNS  communication 
protocols.  Install  3-Com/Cisco 
switches/hubs  and  routers  using 
RIP  or  OSPF  Routing  Priority 
Algorithms/tables  to  attain  net¬ 
work  routing  efficiency.  Manage 
gateways  switches,  routers  and 
TCP/IP  Protocol  Architecture. 
Monitor  network  using  HP  Open- 
View/Sniffer  and  Whatsup  Gold 
Network  Management  Tools. 
Analyze,  identify  and  troubleshoot 
data  communications  problems 
related  to  networking  hardware 
and  software.  Design  and  setup 
systems  backup  devices  using 
Legato  Tape  Backup.  Write  pro¬ 
gram  codes  in  Unix  to  automate 
systems  backup. 

8  years  grade  school;  4  years 
high  school;  Bachelor's  Degree 
in  Computer  Science  or  equivalent 
required;  No  minimum  training 
required;  2  years  experience  in 
job  offered  or  2  years  experience 
as  Network  Analyst  required. 

Applicants  must  show  proof  of 
legal  authority  to  work  in  the  U.S. 
Send  resumes  to: 

ILLINOIS  DEPARTMENT  OF 
EMPLOYMENT  SECURITY,  401 
South  State  Street  -  7  North 
Chicago,  Illinois  60605  Attention: 
Brenda  Kelly  Reference  #V-IL 
32590-K  AN  EMPLOYER  PAID 
AD  NO  CALLS  -  SEND  2 
COPIES  OF  BOTH  RESUME  8 
COVER  LETTER 


Prog/Analysts  needed  nation 
wide  may  req  travel/reloc.  Need 
Bach  +  2yrs  exp  in  skills:  1st 
req'sVB,  ASP,  python;  2nd  req's 
IBM  mainframe,  Cobol.  VSAM, 
DB2,  JCL,  Assembler.  Send 
resume  to  Future  Tech  Consul¬ 
tants  LLC,  P.O.  Box  921516, 
Norcross,  GA  3001 0 


ERP  Systems  Technical  Admin¬ 
istrator.  Sys.  admin,  for  data  cen¬ 
ter,  Sun/Solaris,  MS  NT/2000;  Or¬ 
acle  &  MS  SQL  DBA;  maintain 
patch  level  of  Oracle  &  MS- 
based  ERP  &  clinical  s/ware  sys. 
BS  in  Comp.  Sci.  or  MIS.  2  yrs 
exp  in  sys.  admin,  of  Sun/Solaris 
&  Intel/MS  platforms,  MS-based 
webapps.;  DBAforOrade&MS 
SQL  d/bases.  MS  SQL.  Oracle 
DBA.  &  MS  Certified  Sys.  Eng.  & 
Internet  certifications  reqd.  Send 
resumes  to  Lise  Everly,  400 
Locust  St,  Ste  820,  Des  Moines. 
IA  50309. 


Technical  Staff  (Software  Engi¬ 
neer),  wanted  for  data  manage¬ 
ment  company  seeking  solutions 
for  healthcare.  Requires  B.S.  in 
Comp.  Sci.  plus  2  years  exp. 

Please  apply  to  hr@  medplus.com 

MedPlus,  Inc.,  8805  Governors 
Hill  Drive,  #100,  Cincinnati  OH 
45249. 


Senior  Programmer  Analyst 
wanted  for  the  research,  design 
and  development  of  computer 
software  systems  applying  prin¬ 
ciples  and  techniques  of  com¬ 
puter  science,  science,  com¬ 
merce,  and  mathematical 
analysis,  using  COBOLII  and 
other  computer  software  and  op¬ 
erating  systems.  40  hrs./week;  8 
am  to  5  pm;$54,600  per  year; 
Must  possess  Bachelor's  De¬ 
gree  in  Engineering,  Commerce 
or  Computer  Science;  Must  pos¬ 
sess  one  year  of  experience  in 
job  offered  or  as  a  Programmer. 
Employer  Paid  Ad.  Please  send 
resumes  to  MCDC/ESA,  P.O. 
Box  11170,  Detroit,  Michigan 
48202.  Reference  No.  202126. 


The 

Gillette 

Company 


INFORMATION 
TECHNOLOGY 
. .  .  .  OPPORTUNITIES 


The  Gillette  Company  is  the 
world  leader  in  more  than 
a  dozen  consumer  product 
categories.  Global  World  Class 
operations  are  increasingly 
dependent  on  Information  Tech¬ 
nology.  Exciting  opportunities 
exist  in  global  business  process 
integration  initiatives.  We  are 
currently  seeking  the  following 
highly  qualified  professionals  to 
join  the  Gillette  IT  team  in  the 
Boston  area. 


The  following  positions 
commonly  require  a  Bachelor's 
degree  (or  equivalent)  in 
Computer  Science,  MIS, 
Business  Admin.,  or  similarly 
relevant  field,  and  3-5  years 
relevant  experience. 

/  Staff  Programmer  Analysts 

I  (SAP)  Staff  Basis  Adminis- 
trators/Con-flguratlon- 
Integration  Specialists/ 
Application  Developers 

I  Data  Warehouse  Architects / 
Developers/Database 
Administrators 


I  Telecommunications 
Analysts 

Starting  salaries  range  from 
$56,100  to  $119,000  per  year, 
together  with  paid  vacation, 
medical,  dental,  life  and  disability 
insurances,  and  other  industry- 
competitive  benefits. 

Please  email  resume  to: 
www.Gillette.com. 


The  Gillette  Company  is  an 
equal  employment  opportunity 
employer 


Software  Engineer  with  Masters 
in  Computer  Science  wanted  in 
Houston.  TX.  Respond  to:  HR 
Dept..  Amencan  Shengli  Inf  I 
Energy  Service  Co.,  Irtc.,  4418 
Sweetwater  Blvd.  Houston,  TX 
77479. 


Software  Eng  -  for  web  based, 
wireless  centric  applic.s.  Design, 
develop  &  test  (in  controlled 
envts)  real  time  intensive  applic.s 
to  meet  project  specs  for  transac¬ 
tion  process'g.  Evaluate  system 
reqmts  for  enhancemts.  Maintain 
existg  &  proposed  systems.  Co¬ 
ord  develpmt  tasks.  Provide  on 
call  support  to  applic.s,  systems 
&  prods.  Network'g  &  developg 
network  systems  Bach's  degree 
(or  for.  equiv.)  in  Computer  Sci¬ 
ence,  Eiec'l  or  Electronic  Engrg  + 
2  yrs  exp.  Fax  resume  to  (305) 
373-5596,  Attn:  Mr  Bald. 


Engineering  Technician  sought 
by  a  broadcast  and  satellite 
communications  company  in  Lit¬ 
tleton,  CO  to  work  in  Cheyenne, 
WY  &  other  unanticipated  job 
sites  in  the  US.  Design,  install, 
implement,  maintain  and  modify 
electronic  broadcast  equipment 
including  MPEG2  video  com¬ 
pression  systems.  Fine-tune 
MPEG2  and  other  electronic 
systems  for  video  quality;  com¬ 
press  video  and  audio  signals 
into  MPEG2  format;  complete 
data  encryption  on  each  signal; 
interface  MPEG2  system  with 
radio  frequency  and  broadcast 
system.  Plan  and  implement  net¬ 
working  for  broadcast  systems; 
troubleshoot  base  band  system 
to  ensure  broadcast  quality.  Set 
up  and  control  production  and 
recording  equipment  for  broad¬ 
casts;  control  necessary  equip¬ 
ment  to  regulate  transmission 
of  broadcasts.  Research  and 
recommend  new  broadcast  and 
video  compression  systems. 
Requires  3  years  as  a  Broadcast 
Engineer  including  design,  im¬ 
plementation  and  installation  of 
MPEG2  systems.8am-5pm,  M-F; 
$46,609/yr.  Respond  by  resume 
to  James  Shimada,  Colorado 
Department  of  Labor  &  Employ¬ 
ment.  Employment  &  Training 
Division,  Tower  II,  #400,  1515 
Arapahoe,  Denver,  CO  80202,  & 
refer  to  Job  Order  CO5022623 


Proa/Analvsts  to  analyze,  design 
web  appls  using  C,  C++,  Java, 
JDBC,  UML,  EJB,  JSP,  JMS, 
XML,  JavaScript,  HTML,  VBScript, 
etc  under  UNIX/Windows  OS; 
provide  on  site  maintenance 
such  as  debugging,  modifications, 
fine  tuning  and  code  optimization. 
Require  BS  or  foreign  equiv  in 
CS,  Engg(any  branch)  with  2 
yrs  exp  in  IT.  S/W  Engineers  to 
Design,  develop  and  maintain 
web  appls  using  C++,  ASP,  Java, 
J2EE,  Servlets,  HTML,  JavaScript, 
JDBC,  Oracle,  VC++,  PL/SQL, 
Jclass,  Pagelayout,  XML,  XSL, 
DTD,  Jprobe,  etc  on  Windows 
NT/UNIX  OS;  provide  training 
and  user  support  for  the  systems 
and  related  application  both 
internally  and  to  clients;  debug 
and  modify  existing  software. 
Require  MS  or  foreign  equiv  in 
CS  or  Engg  (any  branch)  with 
1  yr  exp  in  IT.  Highly  paid  F/T 
positions.  Travel  to  client  sites. 
Resumes  to  HR,  Fourth  Tech¬ 
nologies,  Inc.  1816  Springdale 
Road,  Cherry  Hill,  NJ  08003. 


Computer  Technology  Re¬ 
sources,  Inc.,  an  IT  firm  has  a 
continuing  need  for  the  following 
skilled  professionals.  Candidates 
must  be  willing  to  travel  exten¬ 
sively. 

•Programmer/Analyst 
"Software  Engineer 
"Project  Manager/Leader 
Please  send  a  detailed  resume 
with  salary  history  to  Computer 
Technology  Resources,  Inc., 
1 4785  Jeffrey  Road,  Suite  #210, 
Irvine,  CA  92620  or  email  to: 
CTRCAL  @  aol.com 


Software  Developer  (Denver,  CO) 
-Design  &  develop  distributed 
computer  software  programs  in 
UNIX  environment  using  various 
software,  programming  languages 
&  tools,  including  C,  C++.  Java, 
Perl,  CORBA,  Enterprise  Java 
Bean,  DCE,  TCP/IP,  Socket, 
Oracle  &  UNIX  development 
software  tools  to  implement 
gateway  interfaces  &  access 
legacy  system  data  &  function¬ 
ality. 

MS  in  Comp  Sci/Engineering/ 
related  field  +  working/theoretical 
knowledge  of  C,  C++,  Java,  dis¬ 
tributed  system  programming 
using  Perl,  CORBA,  Enterprise 
Java  Bean,  DCE,  Network 
programming  including  TCP/IP. 
Socket.  Oracle  &  UNIX  M-F  8- 
5.  $57K/yr  App.  by  resume  only 
to:  Employment  Programs,  PO 
Box  46547,  Denver,  CO  80202. 
Refer  to  job  order  #: 
C05023050. 


J-Squared  LLC  has  an  opening 
in  our  Colorado  Springs,  CO 
office  for  a  Sr.  Software  Engineer 
to,  at  a  senior  level,  design  and 
develop  mathematical  algorithms 
and  robotic  motion  control 
devices  at  the  32  bit  embedded 
level.  Successful  candidates 
should  have  a  master's  degree 
in  computer  science,  engineering, 
science  or  a  related  field  and 
at  least  two  years  experience 
developing  algorithms  and  C, 
C++,  and  Visual  C++  based  soft¬ 
ware  for  embedded  software  or 
firmware  for  image  processing, 
image  recognition  and  robotic 
control  devices.  Candidates 
must  also  have  working  knowl¬ 
edge  of  relational  database  man¬ 
agement  systems.  Interested 
candidates  should  send  re¬ 
sumes  to  Human  Resources,  J- 
Squared,  1110-C  Elkton  Drive, 
Colorado  Springs,  CO  80907. 


S/W  Engineers  to  lead  teams  to 
analyze,  design,  develop,  test, 
implement,  maintain  and  support 
client/server,  web,  wireless 
applications  using  XML,  WML, 
WAP,  JavaScript,  DHTML,  JDBC 
etc;  create  databases  using 
Oracle,  Developer  2000,  SQL 
Plus,  etc;  trouble  shoot  in  house 
problems;  interact  between  project 
members,  vendors  and  cus¬ 
tomers,  recommend  upgrades; 
provide  training  to  end  users/ 
team  members.  Require  Masters 
or  foreign  equiv  in  CS,  Science, 
Engg  (any  branch)  or  related 
field  with  3  yrs  exp  in  IT.  A  BS  or 
foreign  equiv  in  any  of  the  above 
with  5  yrs  of  relevant  progressive 
exp  will  also  be  accepted.  Highly 
paid  F/T  position.  Travel  required 
to  client  sites.  Resumes  to 
Ordusion  Technologies,  Inc. 
3883  Rogers  Bridge  Road,  Suite 
504,  Duluth,  GA  30097. 


Technical  Support  Specialist: 
Maintain  Computer  system  files 
&  servers;  trouble  shoot  &  ex¬ 
pand  internal  network/work  sta¬ 
tions;  interact  with  customers  to 
obtain  computer  graphical  files; 
coordinate  e-meetings;  install, 
maintain  &  implement  network¬ 
ing/  servers;  provide  training. 
Req.:  2yrs  in  job  offered  or  2  yrs 
in  related  occupation.  Send  re¬ 
sume  to  Stand-  out  Services 
#726,  3162  Johnson  Ferry  Rd. 
Ste.  260,  Marietta,  GA  30062. 
Ref  MS 


Customer  Support  Analyst  wanted 
to  provide  technical  support  with 
knowledge  in  DOE,  optimization, 
approximation,  stochastic  tools, 
complex  mathematical/statistical 
equations  for  users  of  complex 
integration/automation/optimiza¬ 
tion  engineering  software  products 
using  computer-based  design 
codes  and  engineering  design 
concepts;  identify  and  document 
software  deficiencies.  Master's 
Degree  in  a  relevant  engineering 
discipline  with  exp.  in  using  com¬ 
puter-based  design  codes. 
Please  send  resume  to  HR 
Dept.,  Engineous  Software  Inc., 
2000  CentreGreen  Way,  Suite 
100,  Cary,  NC  27513  (or  e-mail 
to  jobs@engineous.com). 


Java  Engineer  sought  by  a 
Medical  Device  and  Wound  Care 
Company  in  Princeton,  NJ.  Must 
have  a  Bachelor’s  degree  in  MIS 
or  Computer  Science.  Knowledge 
of  Java,  Servlets  and  JHTML  or 
JSP  coding,  working  knowledge 
in  using  UNIX  O/S  and  RDBMS 
applications  using  Oracle  8. 
Familiarity  with  server-side  pro¬ 
gramming.  Send  resumes  to: 
ConvaTec,  Human  Resources, 
Dept.  SD,  P.O.  Box  5254,  Prince¬ 
ton,  New  Jersey  08543-5254  - 
JOB  CODE:  LK-034 


Sure 

NetworkWorld, 
COMPUTERWORLD, 
AND  INFOWORLD 

Help  You  Do 
A  Better  Job. 


Now  Let  Us  Help 
You  Get  One. 
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Itanium 

continued  from  page  1 

“The  vast  majority  of  the  Itanium 
2  market  is  going  to  be  HP  RX 
[servers]  that  are  going  to  again 
be  primarily  [deployed  for]  soft¬ 
ware  development,  testing,  port¬ 
ing  and  proof  of  concept.  We 
may  even  see  some  technical 
computing.” 

Intel  would  be  among  the  first 
to  agree  that  Itanium  2  is  not  for 
everyone.  The  processor  will  be 
best  used  for  hosting  back-end 
and  mid-tier  database,  CRM  and 
business  intelligence  applica¬ 
tions  that  are  I/O-intensive  and 
require  high  performance,  says 
Lisa  Hambrick,  director  of  enter¬ 
prise  processor  marketing  at  In¬ 
tel.  She  says  servers  using  Intel’s 
32-bit  Xeon  or  Xeon  MP  proces¬ 
sors  are  still  fine  for  running  32- 
bit  applications  that  won’t  bene¬ 
fit  from  the  64-bit  characteristics 
of  Itanium. 

“The  Xeon  processor  has  legs, 
and  it  is  going  to  be  capable  for 
quite  a  while,”  says  Randall  Ken¬ 
nedy,  director  of  research  for 
Competitive  Systems  Analysis. 
“From  a  performance  standpoint, 
unless  you  have  an  application 
that  absolutely  needs  64-bit  [op¬ 
eration]  or  more  memory,  Xeon 
or  Xeon  MP  with  hyperthreading 
will  do  just  fine.” 

Hyperthreading,  or  simultane¬ 
ous  multithreading,  is  a  technol¬ 
ogy  Intel  has  integrated  into  the 
Itanium  and  Xeon  processors  in 
which  each  processor  can  in¬ 
crease  performance  by  as  much 
as  30%  by  running  two  tasks 
simultaneously,  while  sharing  the 
resources  of  a  single  processor. 

Some  users  say  they  need  the 
extra  performance,  large  cache 
and  memory  boost  that  Itanium 
2  offers. 

“We  have  several  data  ware¬ 
house  applications  that  would 
benefit  from  a  64-bit  platform 
assuming  the  operating  system, 
and  database  could  take  advan¬ 
tage  of  the  additional  powers 


Expected  in  Itanium  2 


Intel’s  new  64-bit  processor,  Itanium  2  (pictured),  will 
include  a  faster  system  bus  and  integrated  Layer  3  cache. 

Feature  Benefit 


Will  support  1-  to  32-processor 
servers 

Higher  performance. 

6.4G  bit/sec  system  bus 

Can  transfer  information  faster. 

3M  bytes  of  Layer  3  cache  on 
processor 

Quicker  response  than  external 
memory. 

6  instructions/cycle 

Ability  to  process  information  in 
parallel. 

512G  byte  memory  capacity 

Ability  to  store  more  instructions. 

Multiple  system  images 

Increased  application  availability. 

Flexible  page  support  up  to 

4G  bytes 

Efficient  operation. 

Compatible  with  future 
Itaniums 

Investment  protection. 

Supports  Windows  Advanced 
Server  and  .Net  Server,  HP- 
UX,  Linux 

Increased  flexibility.  '  ’ 

says  Terry  Roedecker,  a  network 
manager  for  a  financial  institu¬ 
tion  in  the  Southwest.“Our  main 
data  warehouse  is  growing  ex¬ 
ponentially,  and  the  customer 
requirements  for  that  database 
are  growing  even  faster.  The 
reports,  which  are  what-if  scenar¬ 
ios  of  different  stratifications  of 
our  loan  portfolio,  take  roughly 
three  hours  to  complete  on  a 
[four-processor]  Pentium  III  700- 
M  Hz-based  Xeon  server.” 

In  the  year  the  processor  has 
been  shipping,  the  Itanium  mar¬ 
ket  has  grown  slowly,  analysts  say 
In  2001,  Gartner  says  that  just 
more  than  2,700  Itanium  servers 
shipped. Micro  Design  Resources, 
a  research  firm  specializing  in 
microprocessors,  says  Itanium 
shipments  will  ramp  up  quickly 
this  year.  The  firm  estimates  that 
Intel  will  sell  about  100,000  pro¬ 
cessors  by  the  end  of  2002. 

While  Intel  says  it  is  gunning  for 
the  high-end  server  market  domi¬ 
nated  by  RISC-based  processors 
from  Sun  and  IBM  that  cost  up  to 
$500,000,  analysts  are  skeptical 
about  Itanium’s  ability  to  crack 
this  market. 


“In  the 

eight-proces-' 
sor  and  possibly 
up  to  the  16-processor 
space,  you’ll  start  seeing 
more  deployments  of  Intel  dis¬ 
placing  the  use  of  RISC  architec¬ 
tures,”  Gartner’s  Butler  says.  “But,  I 
wouldn’t  [expect  to]  see  Intel 
designs  replacing  RISC  designs  at 
the  very  high  end  at  any  time  dur¬ 
ing  the  [Intel]  32-bit  lifetime.  Intel 
needs  Itanium  to  succeed  if 
they’re  going  to  ultimately  kill  off 
the  likes  of  [IBM’s]  Power  and 
Sun’s  SPARC.” 

Itanium  also  faces  a  perceived 
threat  from  the  AMD  32/64-bit  Op- 
teron  processor,  which  is  ex¬ 
pected  to  ship  in  the  first  half  of 
next  year.  Formerly  code-named 
Hammer,  Opteron  runs  32-  and 
64-bit  applications  in  native 
mode,  affording  a  migration  path 
for  users,  AMD  says.  By  contrast, 
Intel’s  Itanium  2  runs  32-bit  appli¬ 
cations  in  emulation  mode, 
which  is  slower  than  if  they  were 
to  run  on  32-bit  servers,  Intel  says. 

Because  Butler  estimates  that 
80%  of  the  existing  applications 
are  32-bit,  performance  degrada¬ 
tion  should  be  a  concern  to  users. 

Rocco  Esposito,  CTO  for  win¬ 
dow-coverings  manufacturer  Hun¬ 
ter  Douglas  in  Upper  Saddle  River, 
N.J.,  says  he  will  stay  with  32-bit 
servers,  such  as  Xeon  so  that  his 
32-bit  application  performance 
won’t  suffer. 

“If  there  was  performance  de¬ 
gradation  running  [32-bit  applica¬ 
tions]  on  a  64-bit  [Intel]  machine, 
I’d  opt  for  cheaper,  32-bit  hard¬ 
ware,”  he  says. 

Rex  Meek,  director  of  infrastruc¬ 
ture  support  for  AMD,  says  the 
biggest  drag  on  adoption  of  Op¬ 


teron  lies  not  in  the  technology 
itself,  but  in  user  reluctance  to 
buy  servers  from  anyone  except 
the  largest  of  system  vendors. 
IBM,  Dell  and  HP  have  not  an¬ 
nounced  plans  to  make  servers 
that  use  AMD  processors.  How¬ 
ever,  Meek  points  to  the  success 
of  the  AMD  Athlon  processor  in 
the  desktop  PC  market  and  says 
that  the  company  wants  to  bank 
on  that  success. 

AMD’s  Opteron  will  likely  be 
used  in  smaller  one-  to  eight-pro¬ 
cessor  servers,  whereas  several 
vendors,  including  Bull,  Hi¬ 
tachi,  NEC,  Unisys,  IBM 
and  HR  have 
already 
announced 
their  inten¬ 
tions  to  manu¬ 
facture  eight-  to 
64-processor 
Itanium-based  servers. 
Esposito,  however,  says 
another  factor  complicates 
Opteron  adoption:  applica¬ 
tion  support. 

“I  wouldn’t  buy  AMD  for  serious 
applications,  unless  Opteron’s 
market  share  was  large  enough  to 
ensure  proper  software  support,” 


story. 


Get  more  information  online. 
DocFinder:  1050 
www.nwfusion.com 


Retail 

continued  from  page  10 

database  and  data  warehouse  for  aggregating  not  only  merchandise 
information  from  its  10,000  retail  stores,  but  also  operations  data  from 
the  Boston  retail  liquidator’s  12  divisions.  Its  the  company’s  biggest  IT 
initiative,  Andrews  said. 

Proctor  &  Gamble  is  working  on  two  fronts  to  improve  supply-chain 
efficiencies, said  Stephen  David,  CIO  and  business-to-business  officer  at 

the  Cincinnati  consumer  goods 
manufacturer.  Externally  the 
focus  is  on  establishing  connec¬ 
tivity  with  supply-chain  partners, 
David  said.  Internally,  it’s  about 
reevaluating  business  processes. 

Overlooking  that  internal 
component  has  led  to  project 
failure  —  notably  a  Web  order 
management  system  that 
Proctor  &  Gamble  tried  and 
abandoned,  David  said.  The 
problem  was  simple:  “We  just 
went  out  and  created  a  system 
before  we  had  the  business 
processes  and  the  leadership 
down,”  he  said.  "We  got  a  little 
too  enamored  with  Web-based 

technology  a  little  bit  too  quickly.” 

Kilcourse,  too,  recalls  some  “irrational  exuberance”  that  felled  IT  pro¬ 
jects  at  Longs  Drugs.  He  wouldn’t  identify  specific  projects,  but  said  in 
each  case, “they  were  a  solution  looking  for  a  problem.” 

“We  all  like  to  work  on  sexy  projects,” Jones  Apparel  Groups  Lanham 
agreed.  In  his  experience,  infrastructure  requirements  often  get  short¬ 
changed. “I’ve  been  bit  more  than  a  few  times  by  sparing  some  of  the 
expense  of  making  sure  the  [WAN]  can  really  handle  the  load,  or  the 
[graphical  user]  interface  can  really  meet  the  metrics  imposed,” 
Lanham  said.Tve  learned  over  and  over  again  —  and  I  hopefully  have 
learned  permanently  —  that  you’ve  got  to  really  pay  attention  to  those 
blocking  and  tackling  issues.”  ■ 


Sharing  data 

Among  71  retail 
executives, 

46.5% 

deem  information 
access  and  dissemina¬ 
tion  to  be  their  No.  1 1T 
spending  priority  for 
the  next  two  years. 

SOURCE:  PRICEWATERHOUSECOOPERS 
CONSULTING  AND  E XE CU  T  I VE  TE C HNOLOG  Y 


Esposito  says. 

In  contrast,  Windows  Advanced 
Server  1.1,  HP-UX  Version  1 .5  and 
several  versions  of  Linux  run  on 
Itanium  2.Sixty-four-bit  versions  of 
Oracle  9i,  Microsoft  SQL  Server, 
SAP  R/3,  IBM’s  DB2  and  Release  9 
of  SAS  also  are  available.  Intel  says 
that  future  releases  of  software 
from  Veritas,  BMC,  Tivoli  Systems 
and  Computer  Associates,  among 
others,  are  in  the  works. 

HP  is  putting  as  much  support 
behind  Itanium  as  Intel.  HP  has 
committed  to  migrate  its  RISC, 
Alpha  and  MIPS-based  servers  to 
the  platform  and  port  its  HP-UX, 
OpenVMS  and  the  NonStop 
Kernel  operating  systems  to  work 
on  the  64-bit  processor. 

According  to  Intel,  the  price  for 
an  1-GHz  Itanium  2  four-proces¬ 
sor  server  with  8G  bytes  of  mem¬ 
ory  is  about  $50,000.  It  is  expected 
that  less-powerful  Itaniums  will 
start  for  much  less. 

Network  World  Senior  Writer 
Jennifer  Mears  contributed  to  this 
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Palladium 

continued  from  page  1 

chips  installed  on  a  PC  to  cre¬ 
ate  trusted  “sandboxes”  where 
programs  and  operations  can 
be  executed  securely.  It  is  de¬ 
signed  to  eliminate  the  security 
holes  Microsoft  has  been  un¬ 
able  to  plug. 

Palladium  is  Microsoft’s  most 
ambitious  effort  under  its  6- 
month-old  Trustworthy  Compu¬ 
ting  initiative. 

Network  executives  and  other 
experts  say  the  promise  of  Pal¬ 
ladium  is  intriguing  but  that 
Microsoft  will  have  to  overcome 
its  reputation  for  weak  system 
security  and  heavy-handed  tac¬ 
tics  with  business  partners. 

“This  is  one  of  those  things  that 
if  it  works  like  it  says  it  will  on 
paper  it  will  be  great,”  says  Jeff 
Allred,  manager  of  network  ser¬ 
vices  for  Duke  University  Cancer 
Center  in  Durham,  N.C.“But  every 
lock  has  a  key,  and  nothing 
Microsoft  has  put  out  has  been 
hack-proof. They  have  a  lot  of  hur¬ 
dles  to  get  over,  including  the 
retooling  that  every  processor 
and  hardware  manufacturer  in 
the  world  will  have  to  go  through 
to  support  Palladium.” 

Experts  say  that  is  the  project’s 
major  challenge.  Intel  and  Ad¬ 
vanced  Micro  Devices  are  among 
a  dozen  partners  working  with 
Microsoft  on  Palladium. 

“Hardware  will  have  to  be 
modified  and  it  will  have  to  be 
done  right,  it  will  have  to  be  per¬ 
fect,”  says  Martin  Reynolds,  a 
Gartner  analyst.  “It’s  the  proces¬ 
sors,  the  chip  sets,  the  silicon  that 
secures  the  certificates.”  Those 
certificates  are  stored  in  hard¬ 
ware  and  are  used  to  determine 
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Secure  PC 

Microsoft  last  week  introduced  its  Palladium  project  to 
create  a  secure  computing  environment  based  on  a 
combination  of  PC  hardware  and  software.  Here  is  a  look  at 
the  layers  used  to  construct  a  standard  PC  and  a  PC  that 
incorporates  Palladium. 


Secure  PC 


Standard  PC 


Applications 


APIs 


Operating  system 


Hardware  abstraction 


Physical  PC  hardware 


what  code  or  communication 
Palladium  will  trust. 

A  network  of  certificate  au¬ 
thorities  that  issue  and  revoke 
certificates  also  has  to  be  estab¬ 
lished,  something  that  has  im¬ 
peded  implementations  of  pub¬ 
lic-key  infrastructure. 

Reynolds  says  Palladium  also 
will  have  to  be  pristine  because  if 
it  is  upgraded,  patched  or 
changed  in  any  way  the  hardware 
security  certificates  become  in¬ 
valid  and  Palladium  shuts  down. 

Regardless,  Reynolds  calls  Pal¬ 
ladium, “a  very  clever  solution.” 

Palladium  will  work  in  parallel 
with  the  Windows  operating  sys¬ 
tem,  letting  the  operating  system 
pass  to  Palladium  its  most  sensi¬ 
tive  operations.  In  turn,  Palladium 
can  reserve  memory  for  those 
operations,  performing  them  in  a 
“virtual  vault,”  which,  for  example, 
would  prevent  malicious  code 
from  spreading  to  other  parts  of 
the  system. 

Microsoft  has  not  mentioned  a 
timetable  for  Palladium’s  release, 
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Operating  system  +  Palladium 


Hardware  abstraction 


PC  hardware  with  security 


but  speculation  is  that  it  could  de 
delivered  in  2004  with  Longhorn, 
the  next  version  of  the  Windows 
operating  system. 

The  work  is  not  without  prece¬ 
dence.  For  the  past  three  years, 
IBM  has  shipped  millions  of  PCs 
with  an  embedded  security  pro¬ 
cessor,  mostly  to  financial  ser¬ 
vices  and  healthcare  customers. 
The  processor  and  special  soft¬ 
ware  work  together  as  a  gate¬ 
keeper  to  validate  everything  that 
happens  on  the  machine. 

The  processor  grew  out  of  work 
begun  in  1999  by  the  Trusted 
Computing  Platform  Alliance 
(TCPA),  founded  by  IBM,  Intel, 
Hewlett-Packard,  Compaq  (now 
part  of  HP), but  not  Microsoft. The 
goal  is  to  deliver  a  set  of  hardware 
and  operating  system  security 
capabilities  that  enhance  trust 
and  security  in  computing.  Last 
year  the  TCPA  published  its  1.1 


specification. 

“Microsoft  is  re-creating  this 
work  and  pushing  it,”  says  Clain 
Anderson,  director  of  security  so¬ 
lutions  in  IBM’s  personal  comput¬ 
ing  division.  “Building  right  into 
the  operating  system  the  software 
to  run  the  chip  is  a  logical  pro¬ 
gression  of  this  work.”  One  change 
is  speed  —  IBM  runs  everything 
on  the  chip, but  Palladium  will  use 
operating  system  memory  to  cre¬ 
ate  a  much  faster  system. 

Microsoft  also  must  make  other 
improvements,  especially  be¬ 
cause  it  wants  Palladium  to  se¬ 
cure  communication  from  the 
keyboard  to  the  Internet. 

“Their  software  will  require  a 
lot  of  interface  work  and  that  will 
require  new  inventions  and  that 
means  a  lot  of  work  for  [inde¬ 
pendent  software  vendors] ,” 
Anderson  says.  IBM  has  only  two 
interfaces,  Microsoft’s  Crypto  API 
and  Public  Key  Cryptography 
System  11,  to  integrate  products 
from  vendors  such  as  Entrust 
and  RSA  Security  Microsoft  will 
need  more  to  support  features 
beyond  cryptography 

Industry  support  will  play  a 
big  role  if  Palladium  is  to  ever 
succeed. 

“We  know  this  can  only  work  if 
it  is  a  collaborative  process,”  says 
Mario  Juarez,  group  product  man¬ 
ager  for  the  Palladium  team. “But 
how  that  will  shake  out, we  do  not 
know.  The  challenge  is  how  do 
you  start  this  evolution.  We  need 
to  do  some  things  differently.” 

For  one,  Palladium’s  source 
code  will  be  released  publicly  but 
Juarez  did  not  say  how  it  would 


be  licensed. 

One  would-be  collaborator, 
RSA,  welcomes  Microsoft’s  ef¬ 
forts,  but  recognizes  the  chal¬ 
lenges  ahead. 

“When  you  build  security  from 
the  ground  up  you  get  much  bet¬ 
ter  security’  says  John  Worrall, 
vice  president  of  marketing  for 
RSA,  which  has  been  working  for 
the  past  two  years  on  its  own 
encryption-on-a-chip  project.  He 
says  that  experience  underscores 
Palladium’s  challenges. 

“If  you  have  an  application  writ¬ 
ten  for  our  particular  encryption 
chip  and  it  runs  on  a  PC  without 
the  chip,  you  get  subpar  perfor¬ 
mance,”  Worrall  says.  RSA  has 
developed  software  that  helps 
correct  that  problem. 

Juarez  says  that  will  be  an  issue 
and  that  widespread  adoption 
will  be  key  to  Palladium,  which 
will  not  run  by  default  but  will 
have  an  opt-in  feature. 

Opt-in  is  a  key  concept. 

“Microsoft  has  to  go  back  to 
customers  and  say,  ‘You  need 
another  hardware  and  software 
upgrade,’”  says  Phil  Schacter,  an 
analyst  with  The  Burton  Group. 
“And  how  easy  will  it  be  for  third- 
party  vendors  to  write  secure, 
certifiable  software?” 

But  Schacter  says  Microsoft  is 
showing  maturity  in  its  security 
thinking  and  now  must  do  that  in 
its  design  and  execution. 

“This  kick-starts  an  interesting 
discussion  in  the  industry”  he 
says.  ■ 

Get  more  information  online. 
OocFinder:  1051 
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racetrack.  OpenView  spots  when 
a  WAN  line  is  over  capacity  or 
down,  and  automatically  reroutes 
priority  traffic  over  another  line, 
keeping  locations  connected.  Sa- 
ville  says  in  the  past,  “it  was  just 
wait  and  hope  the  line  comes 
back,  while  no  one  was  getting 
any  service.” 

Meanwhile,  HP  has  enhanced 
many  products  to  include  auto¬ 
mated  features,  but  the  one  most  related  to  service- 
level  management  is  Service  Desk  4.5,  software  that 
monitors  and  measures  the  performance  of  net¬ 
work  elements  to  ensure  service-level  agreements 
(SLA)  are  met. 

HP  included  support  for  service-level  violation 
alerts  in  its  release  of  Service  Desk  4.5  and  a  feature 
that  populates  SLA  data  to  other  software  tools  not 
typically  looking  at  service  objectives  as  a  measure 
of  network  performance  and  availability. 

Service  Desk  can  feed  its  data  into  OpenView 
Operations,  software  that  monitors  availability  and 
overall  health  of  networks  and  systems.  In  this  sce- 


llThe  silver  bullet  in  IT  today 
is  service  management.  It  will 
help  IT  departments  do  a  better 
job  and  do  it  for  less  money.  11 

Patty  Azzarello 

Vice  president  and  general  manager  of  the 
OpenView  Software  Business  Unit,  HP 


nario.  Operations  could  detect  and  alert  IT  staff  not 
only  when  a  predefined  threshold  is  missed  on  a 
server,  but  also  when  that  server’s  performance  caus¬ 
es  a  service  level  to  be  missed. 

Industry  watchers  say  service-ievel  management 
could  go  a  long  way  toward  speeding  time  to  reso¬ 
lution,  improving  network  performance  and  helping 
IT  contribute  to  a  company’s  line  of  business. 

“Service-level  management  can  help  IT  work 
with  other  lines  of  business  and  better  deliver  ser¬ 
vices,”  says  Valerie  O’Connell,  an  analyst  with 
Aberdeen  Group. 

HP:  www.hp.com 
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BackSpin 


Mark  Gibbs 


Links  to  sue  for 


Inline  links  “are  explicitly  prohib¬ 
ited  by  KPMG  and  may  present 
trademark  and  copyright  infringe¬ 
ment  issues." 

—  KPMG’s  “Global  Legal  Disclaimer,” 
www.kpmg.com/disclaimer.html. 


“If  you  operate  a  Web  site  and  wish 
to  link  to  this  site,  you  may  link  only  to  the  home 
page  of  the  site  and  not  to  any  other  page  or  subdo¬ 
main  of  us" 

—  The  Dallas  Morning  News'  Registration:  Terms  of  Service, 
which  the  paper  seems  to  think  applies  even  if  you  don’t  register, 
www.kpmg.com/disclaimer.html. 

“Linking  to  ...  any  material  on  this  site  without  the 
prior  written  consent  of  NPR  is  prohibited" 

—  National  Public  Radio’s  “Request  Permission  to  Link  to 
NPR.org,"  www.npr.org/about/linking_form.html. 

In  theory  I’ve  just  broken  the  law  ...  I  linked  to  all 
the  above  sites  in  violation  of  their  policies. 

“Huh?”  you  might  be  saying. 

The  issue  for  these  organizations  is  deep  linking,  or 
linking  from  another  Web  site  to  content  below  a 
home  page.  Rather  than  solve  the  problem  with 
technology  they  opted  to  bully  sites  into  removing 
all  links  except  those  to  their  home  pages. 

These  organizations  simply  don’t  get  it.Their  whin¬ 
ing  about  copyright  infringement  because  of  deep 
linking  is  on  par  with  a  book  publisher  complaining 


that  a  library’s  card  catalog  that  indexes  one  of  the 
publisher’s  books  violates  the  publisher’s  copyright! 

Here  we  have  a  professional  services  firm,  a  news 
organization  and  one  of  the  greatest  public  broad¬ 
casting  organizations  in  the  world,  and  they  are  all 
willing  to  let  a  public  relations  disaster  explode 
around  them  for  the  sake  of  some  policy  that  could 
be  easily  implemented  by  a  few  lines  of  code! 

One  well-publicized  deep  linking  case  has  been 
that  of  BarkingDogs.org,  a  news  Web  site  for  the 
Lower  Greenville  area  of  Dallas.  BarkingDogs  had 
the  temerity  to  deep  link  to  stories  within  The  Dallas 
Morning  News  site,  DallasNews.com. 

For  some  insane  reason,  the  owners  of  The  Dallas 
Morning  News,  a  company  named  Belo,  one  of  the 
nation’s  largest  media  companies,  sent  BarkingDogs 
a  cease-and-desist  letter!  Belo’s  lawyers  demanded 
that  BarkingDogs  only  link  to  dallasnews.com’s 
home  page  and  contended  that  deep  linking  with¬ 
out  permission  violated  the  newspaper’s  copyrights. 

There  is  so  much  wrong  with  the  thinking  of  these 
companies.To  begin  with,  there’s  the  issue  of  the 
doctrine  of  fair  use.  1  quote  Bitlaw:“The  doctrine  of 
fair  use  developed  over  the  years  as  courts  tried  to 
balance  the  rights  of  copyright  owners  with  society’s 
interest  in  allowing  copying  in  certain,  limited  cir- 
cumstances.This  doctrine  has  at  its  core  a  funda¬ 
mental  belief  that  not  all  copying  should  be  banned, 


particularly  in  socially  important  endeavors  such  as 
criticism,  news  reporting,  teaching  and  research.” 

But  that  concept  hasn’t  stopped  NPR  from  declar¬ 
ing  that  its  no-links  policy  “was  originally  intended  to 
maintain  NPRs  commitment  to  independent,  non¬ 
commercial  journalism. We  have  . . .encountered 
Web  sites  of  issue  advocacy  groups  that  have  posi¬ 
tioned  the  audio  link  to  an  NPR  story  such  that  one 
cannot  tell  that  NPR  is  not  supporting  their  cause. 
This  is  not  acceptable  to  NPR  as  an  organization 
dedicated  to  the  highest  journalistic  ethics,  both  in 
fact  and  appearance.” 

While  you  must  agree  that  NPR  has  every  right  to 
protect  abuse  of  its  copyright  —  for  example,  some¬ 
one  republishing  whole  audio  shows  —  stifling  free 
speech  and  essentially  disallowing  fair  use  by  trying 
to  prohibit  deep  linking  is  obviously  unethical. 

In  Europe,  the  Danish  Newspaper  Publishers’ 
Association  has  taken  a  news  aggregation  company 
Newsbooster,  to  court  over  deep  linking.  If  the  court 
finds  in  the  DNPAs  favor,  the  ruling  will  apply  in 
Europe  as  a  whole  (see  www.nwfusion.com, 
DocFinder:  1048). 

These  organizations  are  being  irrational. There  are 
simple  technical  solutions.  And  until  they  stop  acting 
like  bullies,  they  can  kiss  my  anchor.  So  sue  me. 

Link  as  deeply  as  you  please  to  backspin@gibbs.com. 
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By  Paul  McNamara 

Hands-free  communicator  looks  handy 

A  big  problem  with  a  lot  of  wireless  technology  is 
that  the  practical  applications  all  too  often  don’t 
seem  all  that  practical. 

Such  is  not  the  case  with  a  start-up  called  Vocera 
and  its  Vocera  Communications  System.  Based  in 
Cupertino,  Calif.,  and  backed  by  $20  million  in  ven¬ 
ture  funding,  the  company  has  an  802. lib-based 
wireless  LAN  product  that  looks  to  be  just  what  the  doctor  ordered  for  hospitals, 
large  retail  stores,  sprawling  factories  and  other  workplaces  where  hands-free 
communication  is  desirable. 

The  system  consists  of  server  software  and  a  communications  badge  that 

users  clip  to  their  clothing. 

"The  biggest  differentiator  is  that  the  badge  is  truly  wearable,  both  because  of 
how  little  it  weighs  —  1.6  ounces  —  and  also  because  the  interaction  with  it  is 
done  through  voice  commands  as  opposed  to  through  manual  manipulation,”  says 
Brent  Lang,  Vocera’s  vice  president  of  marketing. 

“The  workers  we  are  targeting  —  mobile  professionals  who  are  on  their  feet 
and  using  their  hands  as  they  do  their  jobs  —  really  can’t  stop  and  use  a  tele¬ 
phone  where  they  have  to  dial  an  extension  number  or  even  a  walkie-talkie  where 
you  have  to  push  to  talk,"  Lang  says. 

The  badge  does  indeed  require  users  to  push  a  button  to  activate,  although  it’s 
a  single  push  instead  of  a  continuing  press-and-release  action  as  found  on  a 
walkie-talkie.  But  it’s  the  server  that  really  sets  this  system  apart. 

“Because  it’s  all  database-driven  using  voice  commands,  you  can  do  things  that 
aren't  architecturally  possible  with  telephony  systems,"  Lang  says.  "For  example,  in 
a  hospital  environment  you  can  place  a  call  to  a  function  such  as  anesthesiology, 


and  our  system  will  look  up  who  the  available  anesthesiologists  are  and  use  a  round- 
robin  approach  to  find  the  first  available  one.  You  don't  have  to  know  that  person's 
name  or  number;  you  just  need  to  know  that  you  need  an  anesthesiologist.” 

The  system  also  connects  to  your  PBX  so  users  can  make  calls  to  and  receive 
calls  from  the  outside  world,  providing  they’ve  been  granted  permission. 

The  company  isn’t  talking  about  prices  publicly,  so  whether  all  this  convenience 
is  affordable  remains  something  of  a  mystery. 

Sock  puppet  lands  on  his  feet 

The  Pets.com  sock  puppet  was  always  the  best  thing  about  Pets.com. 

That's  not  saying  much,  but  it  was  still  heartening  to  see  last  week  that  the 
Internet's  most  famous  pitch-pet  has  landed  a  new  gig.  This  time  the  wisecrack¬ 
ing  pooch  will  be  peddling  car  loans  for  1-800-Bar  None,  a  California  company 
that  caters  to  those  whose  credit  has  gone  to  the  dogs. 

The  company's  message  —  “Everyone  deserves  a  second  chance"  —  would 
seem  to  be  a  natural  for  a  canine  icon  chosen  by  the  press  to  symbolize  every 
flea-bitten  business  plan  that  landed  venture  funding  during  the  dot-com  mania. 

And  who  knows?  Maybe  there  will  even  be  a  redemption  opportunity  someday 
for  the  puppet's  former  employer.  Perhaps  Pets.com  was  just  ahead  of  its  time 
and  there  really  is  a  business  to  be  built  around  delivering  30-pound  bags  of  dog 
chow  to  people's  front  porches. 

OK,  so  the  “everyone"  in  that  company  slogan  shouldn't  be  taken  quite  that  literally. 

Speaking  of  second  chances . . . 

Let’s  correct  an  error  in  last  week's  column.  AOL  paid  about  $4.2  billion  for 
Netscape,  give  or  take  a  fluctuating  stock  price  in  1999. 

Everyone  also  deserves  a  chance  to  tell  the  columnist  a  thing  or  two.  The  address 
is  buzz@nww.com. 


(©server 


Under  the  umbrella  of  IBM  (©server  xSeriesT,M  meteorological  supersite  weather.com  is  enjoying 
meteoric  success.  Thanks  in  part  to  the  installation  of  IBM  (Intel®  processor-based)  servers  running 
Linux®  Select  xSeries  models  feature  the  Intel  Xeon™  processor  to  give  you  superior  performance 
and  cost-effectiveness.  For  a  guide  on  how  our  self-managing  features  can  benefit  your  business, 
visitibm.com/eserver/weather 


All  numbers  and  results  reported  are  from  customer  sources.  This  customer  example  is  intended  as  an  illustration  only.  Costs  and  results  obtained  in  other  customer  environments  will  vary  depending,  among  other  things,  on  individual 
customer  configurations  and  conditions.  IBM,  the  e-business  logo,  e-business  is  the  game.  Play  to  win  and  xSeries  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  Linux  is  a  registered 
trademark  of  Linus  Torvalds  Intel,  the  Intel  Inside  logo,  and  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries  Other  company,  product  and  servce  names  may 
be  trademarks  or  service  marks  of  others.  '&'•  2002  IBM  Corporation.  All  rights  reserved. 
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Microsoft  Excj 


Are  you  getting  the  most  from  your  Frame  Relay  network?  How  do 


you  know?  With  the  IQ  710™  from  ADTRAN,  you  can  look  inside  your 
Frame  Relay  network  to  identify  bottlenecks,  then  optimize  network 
performance  in  real  time.  This  comprehensive  traffic  management 
platform  gives  you  a  complete  view  of  the  network,  from  physical  to 
application  layers.  With  it,  you  can  automatically  identify  and  track 
more  than  300  user  applications,  then  prioritize  those  applications  to 
guarantee  that  mission-critical  tasks  have  the  bandwidth  they  need, 
when  they  need  it.  Do  you  need  to  buy  more  bandwidth?  Maybe  not. 
IQ  710  performance  monitoring  lets  you  analyze  traffic  patterns  and 
monitor  network  activity.  Once  trends  are  identified,  traffic  shaping 
lets  you  allocate  bandwidth  as  necessary  to  meet  demand.  Take  control 
of  your  Frame  Relay  network,  now,  with  IQ  710. 


Eliminate  guesswork! 

ADTRAN's  N-Form’”  web-based 
network  management  suite 
automatically  generates  informative 
reports  on  bandwidth  utilization, 
pplication  retransmissions  and  other 
network  variables  to  help  you  make 
informed  decisions. 


For  a  free  "Smart  Control  for  Frame  Relay  Networks 
Performance  Monitoring  &  Traffic  Shaping" 
white  paper,  visit  www.adtran.com/nw0701 02. 


877.591.3055  Technical  Questions 
877.280.8416  Where  to  Buy 


Experts  choose  ADTRAN 


